Authentication, Information Security, Internet and Manufacturing

VNC instances exposed to Internet pose critical infrastructures at risk

Security Affairs

AUGUST 15, 2022

Researchers from Cyber looked for VNC exposed over the internet and discovered over 8000 VNC instances with authentication disabled, most of them in China, Sweden, and the United States. Exposing VNCs to the internet, increases the likelihood of a cyberattack. connected via VNC and exposed over the internet.

Internet

Internet Internet Risk Cybercrime

Access:7 flaws impact +150 device models from over 100 manufacturers

Security Affairs

MARCH 8, 2022

The platform allows remote access and management of connected devices to manufacturers through an agent is installed on devices. The impact of these flaws is widespread, experts determine that the issues impact more than 150 device models from over 100 manufacturers. Follow me on Twitter: @securityaffairs and Facebook.

Manufacturing

Manufacturing IoT Authentication Financial Services

Agencies Warn of Pro-Russia Hackers Targeting OT Control Systems

SecureWorld News

MAY 7, 2024

According to a new joint cybersecurity alert , the hacktivists have been observed gaining remote access to small-scale industrial control systems used in water/wastewater, dams, energy, and food and agriculture by exploiting internet-exposed human-machine interfaces (HMIs) and using default or weak passwords.

Passwords

Passwords Manufacturing Technology Authentication

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

The number of internet-facing cameras in the world is growing exponentially. Businesses and homeowners increasingly rely on internet protocol (IP) cameras for surveillance. New research by Cybernews shows an exponential rise in the uptake of internet-facing cameras. Surge in internet-facing cameras.

Surveillance

Surveillance Manufacturing Passwords Internet

Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS?

Security Affairs

AUGUST 13, 2023

The experts pointed out that the exploiting the vulnerabilities requires user authentication, as well as deep knowledge of the proprietary protocol of CODESYS V3 and the structure of the different services that the protocol uses. Check with the device manufacturers for available patches and update the device firmware to version to 3.5.19.0

Authentication

Authentication Firmware Hacking Passwords

Nexx bugs allow to open garage doors, and take control of alarms and plugs

Security Affairs

APRIL 5, 2023

A series of vulnerabilities in multiple smart devices manufactured by Nexx can be exploited to remotely open garage doors, and take control of alarms and plugs. Improper Authentication Validation CWE-287 ( CVE-2023–1752 , CVSS3.0: Improper Authentication Validation CWE-287 ( CVE-2023–1752 , CVSS3.0:

Manufacturing

Manufacturing Media Firewall Education

An educational robot security research

SecureList

FEBRUARY 27, 2024

Toy manufacturers are striving to keep up with these trends, releasing more and more models that can also be called “smart.” ” For instance, educational robots that connect to the internet and support video calls. Toy The robot connects to a home Wi-Fi network and interacts with the application through the internet.

Education

Education Manufacturing Firmware Internet

Siemens Metaverse exposes sensitive corporate data

Security Affairs

APRIL 15, 2023

Siemens Metaverse, a virtual space built to mirror real machines, factories, and other highly complex systems, has exposed sensitive data, including the company’s office plans and internet of things (IoT) devices. It contained ComfyApp credentials and endpoints. There are a lot of opportunities for threat actors here.

Manufacturing

Manufacturing IoT Technology Authentication

FBI warns swatting attacks on owners of smart devices

Security Affairs

JANUARY 2, 2021

The FBI is working with private sector partners who manufacture smart devices to advise customers about the scheme and how to avoid being victimized. The FBI recommends users to enable two-factor authentication (2FA) for smart devices exposed online. Users should update their passwords on a regular basis.

Passwords

Passwords Surveillance Manufacturing Accountability

FBI warns of ransomware threat to food and agriculture

Malwarebytes

SEPTEMBER 3, 2021

.” Internet of Things. Agriculture may not be the first industry you associate with cybersecurity problems, but we all need to aware of the risks created by connecting this ancient part of our food supply chain to the Internet. The state of IoT is poor enough as it is, security wise. hard drive, storage device, the cloud).

Ransomware

Ransomware Manufacturing Passwords Internet

A flaw in Dahua IP Cameras allows full take over of the devices

Security Affairs

JULY 31, 2022

. “We’re publishing the details of a new vulnerability (tracked under CVE-2022-30563) affecting the implementation of the Open Network Video Interface Forum (ONVIF) WS-UsernameToken authentication mechanism in some IP cameras developed by Dahua, a very popular manufacturer of IP-based surveillance solutions.”

Surveillance

Surveillance Authentication Telecommunications Manufacturing

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. The vulnerability was reported to Fortinet by the researcher Charles Fol and Dany Bach ( DDXhunter ) from Lexfo Security. states the report published by Fortinet.

Firewall

Firewall VPN Firmware Internet

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

Both tools could be used to target SOHO and other routers manufactured by major industry providers, including Cisco, Fortinet, and MikroTik. Enforce multifactor authentication (MFA) for all users, without exception [ D3-MFA ]. ” reads the advisory published by the US agencies. Enforce MFA on all VPN connections [ D3-MFA ].

Telecommunications

Telecommunications Authentication Passwords Accountability

Russia-linked APT29 spotted targeting JetBrains TeamCity servers

Security Affairs

DECEMBER 14, 2023

The vulnerability is an authentication bypass issue affecting the on-premises version of TeamCity. and below is prone to an authentication bypass, which allows an unauthenticated attacker to gain remote code execution (RCE) on the server. According to Shodan, more than 3,000 on-premises servers are exposed to the Internet.

Antivirus

Antivirus Software Authentication Internet

Security Affairs newsletter Round 426 by Pierluigi Paganini – International edition

Security Affairs

JULY 2, 2023

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime

Cybercrime Hacking Ransomware Malware

B. Braun Infusomat pumps could be hacked to alter medication doses

Security Affairs

AUGUST 27, 2021

CVE-2021-33885 – Insufficient Verification of Data Authenticity (CVSS 9.7) CVE-2021-33882 – Missing Authentication for Critical Function (CVSS 8.2) CVE-2021-33883 – Cleartext Transmission of Sensitive Information (CVSS 7.1) An attacker doesn’t need any authentication to conduct the attack.

Hacking

Hacking Authentication Internet Internet

7 Ways Enterprises are Taking Advantage of Biometrics

Security Boulevard

AUGUST 11, 2023

Biometrics are known to have been a boon to digital security and data protection, but there are a variety of other use cases across industries. Biometrics are automated methods used to identify an individual or verify/authenticate an individual's identity based on physiological characteristics and behavioral traits.

Healthcare

Healthcare Authentication Passwords IoT

NI CompactRIO controller flaw could allow disrupting production

Security Affairs

DECEMBER 12, 2020

A high-severity vulnerability affecting CompactRIO controllers manufactured by the vendor National Instruments (NI) could allow remote attackers to disrupt production processes in an organization. Cybersecurity and Infrastructure Security Agency (CISA) published a security advisory to warn organizations about the flaw.

Firmware

Firmware Manufacturing Software Authentication

Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs

Security Affairs

MARCH 21, 2023

Cryptocurrency ATM maker General Bytes suffered a security breach over the weekend, the hackers stole $1.5M Cryptocurrency ATM manufacturers General Bytes suffered a security incident that resulted in the theft of $1.5M GENERAL BYTES is the world’s largest Bitcoin, Blockchain, and Cryptocurrency ATM manufacturer.

Cryptocurrency

Cryptocurrency VPN Manufacturing Firewall

Million of vehicles can be attacked via MiCODUS MV720 GPS Trackers

Security Affairs

JULY 20, 2022

” The MiCODUS MV720 GPS Tracker is a popular vehicle GPS tracker manufactured in China, which is used by consumers for theft protection and location management, and by organizations for vehicle fleet management. The analysis of the sector usage on a global scale revealed significant differences by continent in the typical user profile.

Manufacturing

Manufacturing Passwords Mobile Authentication

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

The number of sensors and smart devices connected to the internet is exponentially rising, which are the 5 Major Vulnerabilities for IoT devices. A hacker managed to identify a weak spot in a security camera model. Unfortunately, at that moment, there were over 300,000 of those cameras connected to the internet.

IoT

IoT Cybersecurity Manufacturing Internet

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

Small farms, large producers, processors and manufacturers, and markets and restaurants are particularly exposed to ransomware attacks. Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location (i.e., ransomware and phishing scams).

Ransomware

Ransomware Passwords Backups Firmware

CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

Security Affairs

AUGUST 7, 2021

Threat actors are actively exploiting a critical authentication bypass issue (CVE-2021-20090 ) affecting home routers with Arcadyan firmware. Threat actors actively exploit a critical authentication bypass vulnerability, tracked as CVE-2021-20090 , impacting home routers with Arcadyan firmware to deploy a Mirai bot.

IoT

IoT Firmware Authentication Wireless

Realtek SDK flaws exploited to deliver Mirai bot variant

Security Affairs

AUGUST 24, 2021

We identified at least 65 different affected vendors with close to 200 unique fingerprints, thanks both to Shodan’s scanning capabilities and some misconfiguration by vendors and manufacturers who expose those devices to the Internet. The exploit attempts to deploy a Mirai variant detected in March by Palo Alto Networks [3].

IoT

IoT Firmware Internet Internet

China-linked APT Volt Typhoon targets critical infrastructure organizations

Security Affairs

MAY 25, 2023

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. Volt Typhoon targets internet-facing Fortinet FortiGuard devices to achieve initial access to targeted organizations.

Accountability

Accountability VPN Manufacturing Firewall

Californian IT company DNA Micro leaks private mobile phone data

Security Affairs

OCTOBER 18, 2023

Other companies affected by the leak included screen protectors and phone case manufacturers, such as Liquipel and Otterbox, which used the warranty service. Once the instance is exposed to the internet – without being secured by authentication – it’s accessible to anyone.

Mobile

Mobile Phishing Manufacturing Risk

Experts found 125 new flaws in SOHO routers and NAS devices from multiple vendors

Security Affairs

SEPTEMBER 17, 2019

In this phase of the project that started in 2013 ( SOHOpelessly Broken 1.0 ) , the researchers assessed the security of 13 SOHO router and NAS devices and found a total of 125 new vulnerabilities. . This research project aimed to uncover and leverage new techniques to circumvent these new security controls in embedded devices.”

Manufacturing

Manufacturing IoT Advertising Authentication

Experts devised advanced SMS phishing attacks against modern Android-based phones

Security Affairs

SEPTEMBER 4, 2019

The issue affects several modern Android-based phones, including devices manufactured by Samsung, Huawei, LG and Sony. In these attacks, a remote agent can trick users into accepting new phone settings that, for example, route all their Internet traffic through a proxy controlled by the attacker. Authenticated with PIN.

Phishing

Phishing Mobile Authentication Internet

A massive phishing campaign using QR codes targets the energy sector

Security Affairs

AUGUST 16, 2023

Other top 4 targeted industries include Manufacturing, Insurance, Technology, and Financial Services seeing 15%, 9%, 7%, and 6% of the campaign traffic respectively.” Experts warn that the Energy sector was a major focus of this campaign, followed by manufacturing, and insurance. ” continues the report.

Phishing

Phishing Energy and Utilities Insurance Manufacturing

How Dow Jones used the pandemic to undergo a zero trust overhaul

SC Magazine

MAY 18, 2021

“What zero trust is helping us [to do] is manage the new environment, the new ecosystem we have to support now,” said Mauricio Guerra, Dow Jones Chemical’s director of global information security in keynote at the RSA Conference May 18. Click here for more coverage of the 2021 RSA Conference.

IoT

IoT Telecommunications Manufacturing Firewall

Key aerospace player Safran Group leaks sensitive data

Security Affairs

MARCH 15, 2023

It collaborates with Airbus, the second-largest aerospace company globally after Boeing, to manufacture aerospace equipment. Also, the company manufactures surface-to-air defense systems and missiles. The leak also included the JWT secret key, another type of token, which is usually used for authentication.

Manufacturing

Manufacturing Media Accountability Risk

Researchers found allegedly intentional backdoors in FTTH devices from Chinese vendor C-Data

Security Affairs

JULY 10, 2020

Two security researchers have discovered undocumented Telnet admin account accounts in 29 Fiber-To-The-Home (FTTH) devices from Chinese vendor C-Data. Some of the devices support multiple 10-gigabit uplinks and provide Internet connectivity to up to 1024 ONTs (clients). ” continues the experts.

Firmware

Firmware Accountability Advertising Manufacturing

US CISA and FBI publish joint alert on DarkSide ransomware

Security Affairs

MAY 13, 2021

US agencies warn that groups employed DarkSide ransomware in attacks aimed at organizations across various Critical Infrastructure sectors, including manufacturing, legal, insurance, healthcare, and energy. Require multi-factor authentication for remote access to OT and IT networks. other than VPN gateways, mail ports, web ports).

Ransomware

Ransomware Healthcare Phishing Risk

CISA warns of critical flaws in Prima FlexAir access control system

Security Affairs

JULY 31, 2019

CISA published a security advisory to warn of multiple critical vulnerabilities affecting in Prima FlexAir access control system. Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to warn of critical flaws affecting access control systems manufactured by Prima Systems.

Backups

Backups Authentication Advertising Firmware

An RCE in Annke video surveillance product allows hacking the device

Security Affairs

AUGUST 27, 2021

Researchers at industrial and IoT cybersecurity firm Nozomi Networks have discovered a critical flaw affecting a video surveillance product made by Annke, a popular manufacturer of surveillance systems and solutions. At the end of the process, the firmware was rewritten to the device’s memory. The mainboard of the Annke N48PBB.

Surveillance

Surveillance Hacking Firmware Manufacturing

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

The malicious code specifically targets QNAP NAS devices manufactured by Taiwanese company QNAP, it already infected over 62,000 QNAP NAS devices. CGI password logger This installs a fake version of the device admin login page, logging successful authentications and passing them to the legitimate login page.

Malware

Malware Firmware Advertising Manufacturing

“Left of Boom” Cybersecurity: Proactive Cybersecurity in a Time of Increasing Threats and Attacks

Cisco Security

OCTOBER 18, 2021

Major research efforts on how to detect these IEDs and detonate them harmlessly, or to infiltrate and disrupt bomb manufacturing, were referred by the idiom “Left of Boom.” The major cloud providers are inherently more secure than almost anything that can be done internally, and they’re getting more secure all the time.

Cybersecurity

Cybersecurity CISO Insurance Risk

QNAP urges users to update Malware Remover after QSnatch joint alert

Security Affairs

AUGUST 2, 2020

The malicious code specifically targets QNAP NAS devices manufactured by Taiwanese company QNAP, it already infected over 62,000 QNAP NAS devices.

Malware

Malware Advertising Passwords Manufacturing

The Analyst Prompt #05: Russo-Ukrainian Cyberattacks, and Updates on Lapsus$ and Conti Ransomware Operations

Security Boulevard

MARCH 24, 2022

2 ] The threat actor leveraged a set of misconfigured Multi-Factor Authentication (MFA) accounts that enabled it to enroll a new device for MFA and to access the victim network. The German Federal Office for Information Security (BSI) issued a warning about the use of Kaspersky products. [ Viasat Inc., link] (accessed Mar.

Ransomware

Ransomware Malware Government Antivirus

Vulnerability Management Policy Template

eSecurity Planet

MAY 12, 2023

Unauthenticated vulnerability scans should be conducted to view the systems from the perspective of an external hacker and authenticated vulnerability scans should be conducted to view systems from the perspective of a hacker with stolen credentials. Broader is always better to control risks, but can be more costly.]

Penetration Testing

Penetration Testing Risk Firmware Software

Experts found backdoors in a popular Auerswald VoIP appliance

Security Affairs

DECEMBER 27, 2021

Researchers found multiple backdoors in popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. Researchers from RedTeam Pentesting discovered multiple backdoors in a popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. 7}' 1432d89.

Firmware

Firmware Manufacturing Passwords Penetration Testing

IoT Devices a Huge Risk to Enterprises

eSecurity Planet

JULY 22, 2021

When millions of people around the world were sent home to work at the onset of the global COVD-19 pandemic, they left behind not only empty offices but also a host of Internet of Things (IoT) devices – from smartwatches to networked printers – that were still connected to corporate networks and cranking away.

IoT

IoT Risk Architecture Manufacturing

News alert: Sternum and ChargePoint collaborate to enhance ChargePoint Home Flex Security

The Last Watchdog

JANUARY 22, 2024

Mukkavilli “ChargePoint is committed to the security of all customer data, and through this collaboration, we’ve implemented critical enhancements to Home Flex,” said Teza Mukkavilli, Chief Information Security Officer of ChargePoint. This unauthorized access could extend to each connected charger.

IoT

IoT InfoSec Firmware Manufacturing

Researchers released a free decryption tool for the Rhysida Ransomware

Security Affairs

FEBRUARY 12, 2024

Cybersecurity researchers from Kookmin University and the Korea Internet and Security Agency (KISA) discovered an implementation vulnerability in the source code of the Rhysida ransomware. The group relied on compromised credentials to authenticate to internal VPN access points.

Ransomware

Ransomware Encryption VPN Manufacturing

VNC instances exposed to Internet pose critical infrastructures at risk

Access:7 flaws impact +150 device models from over 100 manufacturers

Webinars

Trending Sources

Agencies Warn of Pro-Russia Hackers Targeting OT Control Systems

Webinars

3.5m IP cameras exposed, with US in the lead

Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS?

Nexx bugs allow to open garage doors, and take control of alarms and plugs

An educational robot security research

Siemens Metaverse exposes sensitive corporate data

FBI warns swatting attacks on owners of smart devices

FBI warns of ransomware threat to food and agriculture

A flaw in Dahua IP Cameras allows full take over of the devices

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

China-linked threat actors have breached telcos and network service providers

Russia-linked APT29 spotted targeting JetBrains TeamCity servers

Security Affairs newsletter Round 426 by Pierluigi Paganini – International edition

B. Braun Infusomat pumps could be hacked to alter medication doses

7 Ways Enterprises are Taking Advantage of Biometrics

NI CompactRIO controller flaw could allow disrupting production

Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs

Million of vehicles can be attacked via MiCODUS MV720 GPS Trackers

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

FBI warns of ransomware attacks targeting the food and agriculture sector

CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

Realtek SDK flaws exploited to deliver Mirai bot variant

China-linked APT Volt Typhoon targets critical infrastructure organizations

Californian IT company DNA Micro leaks private mobile phone data

Experts found 125 new flaws in SOHO routers and NAS devices from multiple vendors

Experts devised advanced SMS phishing attacks against modern Android-based phones

A massive phishing campaign using QR codes targets the energy sector

How Dow Jones used the pandemic to undergo a zero trust overhaul

Key aerospace player Safran Group leaks sensitive data

Researchers found allegedly intentional backdoors in FTTH devices from Chinese vendor C-Data

US CISA and FBI publish joint alert on DarkSide ransomware

CISA warns of critical flaws in Prima FlexAir access control system

An RCE in Annke video surveillance product allows hacking the device

QSnatch malware infected over 62,000 QNAP NAS Devices

“Left of Boom” Cybersecurity: Proactive Cybersecurity in a Time of Increasing Threats and Attacks

QNAP urges users to update Malware Remover after QSnatch joint alert

The Analyst Prompt #05: Russo-Ukrainian Cyberattacks, and Updates on Lapsus$ and Conti Ransomware Operations

Vulnerability Management Policy Template

Experts found backdoors in a popular Auerswald VoIP appliance

IoT Devices a Huge Risk to Enterprises

News alert: Sternum and ChargePoint collaborate to enhance ChargePoint Home Flex Security

Researchers released a free decryption tool for the Rhysida Ransomware

Stay Connected