Data collection and Manufacturing - Cyber Security Informer

App cyberattacks jump 137%, with healthcare, manufacturing hit hard, Akamai says

CSO Magazine

APRIL 18, 2023

An analysis of customer data collected by content delivery network and internet services giant Akamai found that attacks targeting web applications rose by 137% over the course of last year, as the healthcare and manufacturing sectors in particular were targeted with an array of API and application-based intrusions.

Manufacturing

Manufacturing Healthcare Data collection Internet

The Surveillance Invasion: IoT and Smart Devices Stealing Corporate Secrets

Security Boulevard

MAY 2, 2024

Chris Clements, VP of Solutions Architecture at CISO Global “Hey Alexa, are you stealing my company’s data?” In an age where manufacturers have decided that just about every device needs to be “smart,” it’s becoming difficult to avoid the data collection and privacy invasion that are often baked into these devices.

Surveillance

Surveillance IoT CISO Data collection

China passes new automobile data security law

CyberSecurity Insiders

AUGUST 20, 2021

According to a media update released by the Cyberspace Administration of China (CAC) the new law called the Personal Information Protection Law(PIPL) will come into force from October 26th,2021 and will aim to standardize solutions pertaining to data security risks in automobile sector.

Manufacturing

Manufacturing Data collection Media Risk

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

LLM Summary of My Book Beyond Fear

Schneier on Security

SEPTEMBER 15, 2023

Where possible, favor openness and transparency over aggressive data collection or restrictions which erode civil liberties. Privacy Rights – Pervasive monitoring and data collection erode privacy rights and dignity. Security theater manufactures consent. Focus only on proportional responses.

Data collection

Data collection Risk Surveillance Manufacturing

US Federal Judge Upholds Automakers' Right to Record Texts, Call Logs

SecureWorld News

NOVEMBER 15, 2023

The automakers argued that their practice was necessary to provide certain features and services, such as hands-free calling and texting, and that customers had consented to the data collection by agreeing to the terms of service when they purchased their vehicles. For the auto manufacturers involved, this is a significant victory.

Data collection

Data collection Technology Surveillance Data privacy

Operation Blacksmith: Lazarus exploits Log4j flaws to deploy DLang malware

Security Affairs

DECEMBER 12, 2023

The experts observed the use of NineRAT at around September 2023 against a European manufacturing entity. Talos believes that NineRAT was built around May 2022, but was first spotted on March 2023 as part of Operation Blacksmith. In March, the threat actors hit a South American agricultural organization.

Malware

Malware Data collection Manufacturing Healthcare

Why car location tracking needs an overhaul

Malwarebytes

MAY 13, 2024

Modern cars are the latest consumer “device” to undergo an internet-crazed overhaul, as manufacturers increasingly stuff their automobiles with the types of features you’d expect from a smartphone, not a mode of transportation. No, we’re not talking about stalkerware. Or hidden Apple AirTags. We’re talking about cars.

Manufacturing

Manufacturing Mobile Wireless Data collection

Critical Success Factors to Widespread Deployment of IoT

Thales Cloud Protection & Licensing

FEBRUARY 16, 2021

There are three major threat vectors that harm IoT deployments: Devices are hijacked by malicious software; Data collected and processed in IoT ecosystems is tampered with and impacts the confidentiality, integrity and availability of the information; and, Weak user and device authentication. However, the security mindset is changing.

IoT

IoT Manufacturing Energy and Utilities Data collection

Australian Defense Department will replace surveillance cameras from Chinese firms Hikvision and Dahua

Security Affairs

FEBRUARY 12, 2023

An internal audit of surveillance equipment in Australian government and agency offices revealed the presence of more than 900 built systems manufactured by Chinese companies Hikvision and Dahua. The decision of the Australian government is aligned with similar decisions taken by the US and UK governments.

Surveillance

Surveillance Government Manufacturing Risk

Covid-19 Spurs Facial Recognition Tracking, Privacy Fears

Threatpost

MARCH 20, 2020

The coronavirus pandemic is creating a lucrative market for facial recognition manufacturers. But privacy issues need to be top of mind, tech experts warn.

Manufacturing

Manufacturing Marketing Data collection Surveillance

Antlion APT group used a custom backdoor that allowed them to fly under the radar for months

Security Affairs

FEBRUARY 3, 2022

A China-linked APT group tracked as Antlion is using a custom backdoor called xPack in attacks aimed at financial organizations and manufacturing companies, Symantec researchers reported. ” xPack allowed threat actors to run WMI commands remotely and mount shares over SMB to transfer data from C2 servers to them.

Manufacturing

Manufacturing Malware Data collection Encryption

GUEST ESSAY: 5 security steps all companies should adopt from the Intelligence Community

The Last Watchdog

DECEMBER 6, 2018

And, in doing so, the IC has developed an effective set of data handling and cybersecurity best practices. Businesses at large would do well to model their data collection and security processes after what the IC refers to as the “intelligence cycle.” Related video: Using the NIST framework as a starting point.

Financial Services

Financial Services Data collection Manufacturing Cyber Attacks

Data Privacy concerns erupt with Robotic Vacuums

CyberSecurity Insiders

JANUARY 29, 2021

Consumer Reports(CR) Digital Lab Initiative has tested such devices and has offered its consumers a report on how well are the companies manufacturing such devices are dealing with their user privacy. But is urging the OEM to bring transparency on how it protects the data collected from its users of its connected devices.

Data privacy

Data privacy Data collection Passwords Manufacturing

Microsoft illegally collected and retained children's data, says FTC

Malwarebytes

JUNE 6, 2023

Microsoft is counting the cost of privacy violations, with $20m in fines related to illegal data collection from children’s Xbox accounts. The Xbox manufacturer has reached a settlement with the Federal Trade Commision (FTC), a result which promises to have other console developers looking closely at their privacy policies.

Accountability

Accountability Advertising Data collection Manufacturing

Raspberry Robin operators are selling initial access to compromised enterprise networks to ransomware gangs

Security Affairs

OCTOBER 27, 2022

Data collected by Microsoft Defender for Endpoint shows that nearly 3,000 devices in almost 1,000 organizations have seen at least one RaspberryRobin payload-related alert in the last 30 days. DEV-0950 group used Clop ransomware to encrypt the network of organizations previously infected with the Raspberry Robin worm.

Ransomware

Ransomware Malware Data collection Encryption

On Chinese "Spy Trains"

Schneier on Security

SEPTEMBER 26, 2019

While it's unlikely that China would bother spying on commuters using subway cars, it would be much less surprising if a tech company offered free Internet on subways in exchange for surveillance and data collection. Our enemies do it.

Surveillance

Surveillance Wireless Government Internet

Building a foundation of trust for the Internet of Things

Thales Cloud Protection & Licensing

DECEMBER 13, 2018

With consumers in particular prioritising convenience and functionality over security, it’s down to manufacturers to ensure security is embedded into devices from the point of creation. Authentic, secure patching ensures that manufacturers can mitigate security issues before cyber criminals can act.

Internet

Internet Internet IoT Manufacturing

Vehicle Identification Numbers reveal driver data via telematics

Malwarebytes

DECEMBER 6, 2022

There are many ways that data collection, and data availability, make less sense as the years pass by. The individual sections of the 17 digit number detail all manner of information about the car, ranging from manufacturer to attributes. What say you, car manufacturers?

Manufacturing

Manufacturing Wireless Risk Data collection

MY TAKE: Apple users show strong support for Tim Cook’s privacy war against Mark Zuckerberger

The Last Watchdog

MARCH 8, 2021

“The second reason for this healthy public debate is that thought leaders in technology are in the best position to implement tools for respecting consumer privacy, such as providing full disclosure about data collection and requiring consent for collection of sensitive personal data. McConomy: Facebook, Instagram, etc.,

Data privacy

Data privacy Manufacturing Education Technology

7 Steps to Measure ERM Performance

Centraleyes

FEBRUARY 19, 2024

Shortcomings in Traditional Risk Management: Silos Example: A manufacturing company focuses on department-specific risks, such as production delays, without assessing how these issues might affect overall supply chain efficiency or customer satisfaction. Automate data collection processes to reduce reliance on manual intervention.

Risk

Risk Marketing Manufacturing Data collection

USB drives are primary vector for destructive threats to industrial facilities

Security Affairs

NOVEMBER 5, 2018

Experts from Honeywell analyzed data collected with the Secure Media Exchange (SMX) , a product it has launched in 2017 and that was designed to protect industrial facilities from USB-borne threats.

Malware

Malware IoT Advertising Data collection

Android Apps containing Clicker Trojan installed on over 100M devices

Security Affairs

AUGUST 10, 2019

Data collected by the malware include manufacturer and model, OS version, country of residence of the user, the default language of the system, user agent identifier, name of mobile operator, type of internet connection, screen options, time zone, and information about the tainted application containing the Trojan.

Mobile

Mobile Advertising Malware Data collection

Microsoft to Add Dedicated AI Copilot Button on Windows PCs

SecureWorld News

JANUARY 8, 2024

Implicit consent issues: The mere presence of an AI assistant-enabled device may imply consent to data collection, which can be problematic for users who are not fully aware of the extent of data gathering and processing. Supply chain attacks: Since the hardware button is a physical component, its supply chain could be targeted.

Artificial Intelligence

Artificial Intelligence Surveillance Technology Risk

How we can secure the future of healthcare and telemedicine

CyberSecurity Insiders

MAY 14, 2021

For IoT connected medical devices, for example, it is essential that healthcare providers ensure the manufacturer they choose has designed digital security into the device from the ground up and at all points in the ecosystem to prevent vulnerabilities at the weakest point jeopardising the security of the whole device.

Healthcare

Healthcare IoT Technology Data collection

Letting the Internet of Things into Your Home

SiteLock

AUGUST 27, 2021

One of the biggest concerns I hear and share is that the manufacturer may suddenly discontinue development of updates. How long will it be before the manufacturer decides that you’ll need to buy the new version in order to continue getting updates? The problem with many consumer electronics is their planned obsolescence.

Internet

Internet Internet IoT Computers and Electronics

IoT Unravelled Part 3: Security

Troy Hunt

NOVEMBER 25, 2020

Back to the bit about risks impacting data collected by IoT devices and back again to CloudPets, Context Security's piece aligned with my own story about kids' CloudPets messages being left exposed to the internet. Here we had a situation where an attacker could easily control moving parts within a car from a remote location.

IoT

IoT Firmware Risk Manufacturing

Avoid The Hack: 3 Best Privacy Browser Picks for Android

Security Boulevard

JUNE 24, 2023

Of the Android phones that don't, they may come with another manufacturer browser that proves non-privacy friendly and/or has questionable security. Engage in limited telemetry or data collection Browsers should not phone home any browsing related activity. Most Android phones come from the factory with Google Chrome installed.

Hacking

Hacking Data collection Manufacturing Engineering

IoT Security: Designing for a Zero Trust World

SecureWorld News

SEPTEMBER 15, 2021

These devices interweave with each other, creating an essential fabric in our data collection methods, manufacturing operations, and much more. But what about securing this technology and the data flow coming from an army of Internet of Things environments? Securing your IoT environment.

IoT

IoT Encryption Internet Internet

Group-IB presented latest cybercrime and nation-state hacking trends in Asia

Security Affairs

NOVEMBER 16, 2018

The threats that are notable for the Asian region are represented by a significant number of attacks aimed at manufacturing of chips, microprocessors and system control boards of different IT vendors, whose principal manufacturing operations are located in Asia.

Cybercrime

Cybercrime Hacking Banking Phishing

Defining Good: A Strategic Approach to API Risk Reduction

Security Boulevard

JANUARY 18, 2024

In another example, consider a manufacturing company that mandates an API standard that requires that all external facing APIs that deliver CAD design documents be over an encrypted channel, authenticated via JWT, and must always be served by a particular API gateway, behind a particular CDN.

Risk

Risk Government Artificial Intelligence Threat Detection

How Will $1.9 Billion for Cybersecurity Protect American Infrastructure?

CyberSecurity Insiders

SEPTEMBER 29, 2021

Section 40121: Enhancing Grid Security through Public-Private Partnership – The Secretary (Energy), in consultation with the Secretary of Homeland Security and the heads of other relevant Federal agencies, State regulatory authorities, industry stakeholders, and the Electric Reliability Organization, shall carry out a program— (A) to develop, (..)

Energy and Utilities

Energy and Utilities Cybersecurity Technology Architecture

IoT Devices and HIPAA Compliance: 6 Things Healthcare Orgs Must Know

SecureWorld News

JUNE 14, 2022

IoT devices are always collecting data. Most IoT device users realize IoT devices collect and derive massive amounts of data. But the amount, and types, of data collected are much greater than what most realize; how can they know without training? Many third parties access, use, and share IoT data.

IoT

IoT Healthcare Risk Firmware

Supply Chain Security 101: An Expert’s View

Krebs on Security

OCTOBER 12, 2018

TS: Yes, you can put something into everything, but all of a sudden you have this massive big data collection problem on the back end where you as the attacker have created a different kind of analysis problem. Of course, some nations have more capability than others to sift through huge amounts of data they’re collecting.

Computers and Electronics

Computers and Electronics Internet Internet Technology

Security vulnerabilities in major car brands revealed

Malwarebytes

JANUARY 9, 2023

Sounding horns, disabling start up, reporting a vehicle as stolen, even accessing built in cameras are all possible for rogue entities should they manage to break into a manufacturer’s network. What access, data, and control was made available to researchers. Are these issues still a problem?

Manufacturing

Manufacturing Data collection Social Engineering Engineering

What does a car need to know about your sex life? Lock and Code S04E20

Malwarebytes

SEPTEMBER 25, 2023

A team of researchers at Mozilla which has reviewed the privacy and data collection policies of various product categories for several years now, named "Privacy Not Included," recently turned their attention to modern-day vehicles, and what they found shocked them. But here's a surprise answer with just as much validity: Cars.

Manufacturing

Manufacturing Data collection Advertising Media

Unleashing the Power of a Security Data Lake

SecureWorld News

APRIL 3, 2023

The data collected from various sources is then analyzed using various tools. Main features of SDL There are five key features that SDL should have: The key component of SDL is the automation of data collection and parsing. Viewing this data manually is unrealistic. Automation of adding context for security logs.

Unstructured Data

Unstructured Data Data collection Information Security Backups

IoT Devices a Huge Risk to Enterprises

eSecurity Planet

JULY 22, 2021

The attacks targeted 553 different types of devices from 212 manufacturers, ranging from digital signage and smart TVs to set-top boxes, IP cameras, and automotive multimedia systems. Zscaler’s ThreatLabz research team also saw such devices as smart refrigerators and musical furniture connected to the cloud and open to attack.

IoT

IoT Risk Architecture Manufacturing

Preparing for IT/OT convergence: Best practices

CyberSecurity Insiders

SEPTEMBER 21, 2021

For example, the recent ransomware that leverages IT/OT convergence including the manufacturing and energy industries has prompted CISA to issue guidance regarding ransomware impacting OT environments ( read the guidance and how Tenable can help). • Configuration control that tracks all changes to code, OS & firmware regardless.

Energy and Utilities

Energy and Utilities Threat Detection Manufacturing Technology

What will 2023 bring in the realms of cybersecurity and privacy?

Thales Cloud Protection & Licensing

JANUARY 4, 2023

Data sovereignty hits the road. The concept of "data sovereignty" refers to both the legality of data collection and storage in accordance with local laws. Data is always in motion due to the global nature of most businesses, whose customers and partners may be situated anywhere in the world.

Cybersecurity

Cybersecurity Risk Ransomware Marketing

21 million free VPN users’ data exposed

Malwarebytes

MARCH 3, 2021

Detailed credentials for more than 21 million mobile VPN app users were swiped and advertised for sale online last week, offered by a cyber thief who allegedly stole user data collected by the VPN apps themselves.

VPN

VPN Passwords Internet Internet

MY TAKE: SMBs can do much more to repel ransomware, dilute disinformation campaigns

The Last Watchdog

SEPTEMBER 20, 2019

The personal data collected by the criminal botnets is the source of baseline intelligence that ideologues and propagandists continue to use to target and refine their disinformation campaigns, which they typically disperse by social media.

Ransomware

Ransomware Government Firewall Cyber Insurance

How a man used a fake finger to trick his smartphone biometrics

CyberSecurity Insiders

JUNE 29, 2021

This means that there were no faults in the system of the manufacturer. It’s powered by AI which analyses the data collected by the biometric scanner and verifies if the source is coming from a live or fake representation. Where does liveness detection fit in this scenario?

Marketing

Marketing Technology Data collection Authentication

Drawing the RedLine – Insider Threats in Cybersecurity

Security Boulevard

MARCH 31, 2022

Data collection from FTP clients, IM clients. Seen in attacks against healthcare and manufacturing agencies, RedLine started with heavy-hitter industries and only got worse as more users purchased it. Autocomplete fields. Credit cards. Supported browsers: All browsers based on Chromium (even latest version of Chrome).

Cybersecurity

Cybersecurity Social Engineering Passwords Malware

Understanding Changing Software Delivery Trends and Key Strategies for Growth

Thales Cloud Protection & Licensing

JANUARY 18, 2022

Integrating usage data into a billing solution enables an end-to-end offering covering the complete sequence from data collection to invoice production. While no one argues about the potential benefits of usage data, we found that putting usage information to practical use is a challenge for many.

Software

Software Digital transformation Mobile Data collection

App cyberattacks jump 137%, with healthcare, manufacturing hit hard, Akamai says

The Surveillance Invasion: IoT and Smart Devices Stealing Corporate Secrets

Webinars

Trending Sources

China passes new automobile data security law

Webinars

LLM Summary of My Book Beyond Fear

US Federal Judge Upholds Automakers' Right to Record Texts, Call Logs

Operation Blacksmith: Lazarus exploits Log4j flaws to deploy DLang malware

Why car location tracking needs an overhaul

Critical Success Factors to Widespread Deployment of IoT

Australian Defense Department will replace surveillance cameras from Chinese firms Hikvision and Dahua

Covid-19 Spurs Facial Recognition Tracking, Privacy Fears

Antlion APT group used a custom backdoor that allowed them to fly under the radar for months

GUEST ESSAY: 5 security steps all companies should adopt from the Intelligence Community

Data Privacy concerns erupt with Robotic Vacuums

Microsoft illegally collected and retained children's data, says FTC

Raspberry Robin operators are selling initial access to compromised enterprise networks to ransomware gangs

On Chinese "Spy Trains"

Building a foundation of trust for the Internet of Things

Vehicle Identification Numbers reveal driver data via telematics

MY TAKE: Apple users show strong support for Tim Cook’s privacy war against Mark Zuckerberger

7 Steps to Measure ERM Performance

USB drives are primary vector for destructive threats to industrial facilities

Android Apps containing Clicker Trojan installed on over 100M devices

Microsoft to Add Dedicated AI Copilot Button on Windows PCs

How we can secure the future of healthcare and telemedicine

Letting the Internet of Things into Your Home

IoT Unravelled Part 3: Security

Avoid The Hack: 3 Best Privacy Browser Picks for Android

IoT Security: Designing for a Zero Trust World

Group-IB presented latest cybercrime and nation-state hacking trends in Asia

Defining Good: A Strategic Approach to API Risk Reduction

How Will $1.9 Billion for Cybersecurity Protect American Infrastructure?

IoT Devices and HIPAA Compliance: 6 Things Healthcare Orgs Must Know

Supply Chain Security 101: An Expert’s View

Security vulnerabilities in major car brands revealed

What does a car need to know about your sex life? Lock and Code S04E20

Unleashing the Power of a Security Data Lake

IoT Devices a Huge Risk to Enterprises

Preparing for IT/OT convergence: Best practices

What will 2023 bring in the realms of cybersecurity and privacy?

21 million free VPN users’ data exposed

MY TAKE: SMBs can do much more to repel ransomware, dilute disinformation campaigns

How a man used a fake finger to trick his smartphone biometrics

Drawing the RedLine – Insider Threats in Cybersecurity

Understanding Changing Software Delivery Trends and Key Strategies for Growth

Stay Connected