Security Affairs

DECEMBER 26, 2024

The experts pointed out that this Mirai variant has been modified to use improved encryption algorithms. Hardware manufacturers do not always issue patches for retired devices, and the manufacturer itself may sometimes be defunct. TheMiraivariant incorporates ChaCha20 and XOR decryption algorithms. ” concludes the report.

Manufacturing

SecureWorld News

JUNE 9, 2025

Much of the industry still relies on legacy operational tech (OT) systems that lack modern security features such as automated patch management and encryption by default. A cyberattack on any link, be it a ground-handling contractor or a software provider, can trigger cascading failures.

Cybersecurity

Hacker's King

DECEMBER 24, 2024

Quantum Computing Threats While quantum computing offers immense potential, it also poses a serious risk to traditional encryption methods. Hackers with access to quantum technology could potentially break existing cryptographic protocols, necessitating the development of quantum-resistant encryption.

Cybersecurity

Security Affairs

MARCH 24, 2025

The group has extended its operations to countries in Asia and targets various sectors, including healthcare, real estate, construction, IT, food, and manufacturing.” ” The group uses an ARCrypter ransomware variant, derived from Babuks leaked code , to encrypt files after infiltrating a network. .

Ransomware

SecureWorld News

JANUARY 16, 2025

Ensure compliance with regulations When IT support processes fail to align with manufacturing needs, the consequences are significant: Staying informed: Governments and industry bodies frequently update regulations to address emerging threats. Companies must monitor these changes and ensure compliance to avoid legal penalties.

Energy and Utilities

Security Affairs

MARCH 13, 2025

As of February 2025, Medusa developers and affiliates have impacted over 300 victims from a variety of critical infrastructure sectors with affected industries including medical, education, legal, insurance, technology, and manufacturing.” The attackers are also spotted manually disabling and encrypting virtual machines.

Ransomware

Adam Shostack

JANUARY 2, 2025

While secure boot has hardware components, an SBOM would at least improve awareness of what the manufacturer is shipping. Second, the Pledge should require that the manufacturer creates, maintains and shares a high level threat model showing product trust boundaries and external dependencies. Not shown in my excerpt.)

Manufacturing

Security Affairs

FEBRUARY 28, 2025

Unfortunately, manufacturers often sell older OS versions as newer ones. Vo1d botnet has enhanced its stealth and resilience with RSA encryption to secure communication, preventing C2 takeover. Many users reported devices labeled as running Android 10 or 12, but they were actually using Android 7.1.

Antivirus

Adam Shostack

FEBRUARY 12, 2025

Elements move around arbitrarily between diagrams (for example, in Fig 3, Manufacturers are at 11 oClock relative to the wet lab, but when that diagram is expanded (without any See Figure 4 in Fig 3), its now at 2 oclock. (We read both text and diagrams left to right and top to bottom.) In general, the diagrams are not easy to read.

Risk

SecureWorld News

JUNE 18, 2025

Recent research from Forescout has revealed that roughly 35,000 solar power systems are exposed to the internet, with researchers discovering 46 new vulnerabilities across three major manufacturers that could potentially destabilize power grids. We know IoT can be insecure. That's where a simple threat model can go a long way!

Firmware

Security Affairs

APRIL 5, 2025

The ransomware gang hit organizations in multiple industries, including education, healthcare, manufacturing, information technology, and government sectors. In September 2024, Port of Seattle confirmed that the Rhysida ransomware group was behind the cyberattack. The Rhysida ransomware group has been active since May 2023.

Data breaches

IT Security Guru

MARCH 26, 2025

Until the last ten years or so, we would largely categorise robots as reactive with mostly industrial applications in areas like manufacturing or warehousing. Verified Identity, access permission controls, data encryption are all challenges for the cybersecurity industry in a world of autonomous machines!

Cybersecurity

Security Affairs

JULY 26, 2025

The BlackSuit ransomware targeted various critical infrastructure sectors, including commercial facilities, healthcare, government, and manufacturing. They were open to negotiating payment amounts, which were not specified in the initial ransom note but are discussed via a.onion URL provided after encryption.

Ransomware

Security Affairs

MARCH 12, 2025

The malware kills previous instances, deletes itself to evade detection, reads system configuration files, and establishes an encrypted C2 channel on port 82. It processes encrypted data over a RAW socket, limiting further analysis. The shell module enables backdoor access for data exfiltration and persistence.

IoT

Security Affairs

NOVEMBER 13, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. It intercepts credentials by hooking into Versa’s “setUserPassword” method, encrypting and storing them on disk.

VPN

eSecurity Planet

MARCH 17, 2025

Since its emergence in 2021, Medusa has targeted over 300 victims across various critical infrastructure sectors, including medical, education, legal, insurance, technology, and manufacturing. Attackers employ a double extortion strategy, encrypting victim data and threatening to publicly release it if the ransom is unpaid.

Ransomware

Duo's Security Blog

JUNE 17, 2025

Once these conditions are met, Duo Mobile will create end-to-end encrypted backups of all Duo accounts which are eligible for Instant Restore as a part of your Google backup. Restoring accounts Your old device is no longer needed to reactivate Duo Accounts, since the reactivation secrets are stored in the encrypted backup.

Backups

Hacker's King

NOVEMBER 16, 2024

Hackers could exploit weak or outdated encryption, intercept communications between the vehicle and remote services, and access control features, such as unlocking the doors or even starting the engine. The company is working on updating its software and strengthening encryption to protect against unauthorized access.

Hacking

SecureWorld News

FEBRUARY 24, 2025

While quantum power poses risks to traditional encryption, it also opens the door to revolutionary cybersecurity advancements that could redefine how we protect data, detect threats, and secure critical infrastructure.

Cybersecurity

Malwarebytes

FEBRUARY 18, 2025

The exact steps depend on your computer’s manufacturer and model. Secondly, even with a legitimate reason to store them, the date should have been encrypted, and of course the hard drives should have been decommissioned responsibly. Unless you’re afraid of law enforcement or a very skilled attacker that should be enough.

Marketing

SecureList

APRIL 23, 2025

The campaign, dubbed “Operation SyncHole”, has impacted at least six organizations in South Korea’s software, IT, financial, semiconductor manufacturing, and telecommunications industries, and we are confident that many more companies have actually been compromised. All traffic is encrypted with the generated AES key.

Malware

SecureList

MAY 28, 2025

The threat actors behind Zanubis continue to refine its code adding features, switching between encryption algorithms, shifting targets, and tweaking social engineering techniques to accelerate infection rates. Communication with the C2 API was encrypted with RC4 using a hardcoded key and Base64-encoded.

Banking

SecureList

DECEMBER 23, 2024

dat Encrypted VBShower backdoor AppCache028732611605321388.log:AppCache0287326116053213889292.vbs Sample VBShower Cleaner content VBShower::Backdoor The backdoor’s payload is contained encrypted within a DAT file. Encrypted VBShower backdoor VBShower::Launcher goes through several stages to decrypt the backdoor.

Encryption

Security Boulevard

MARCH 21, 2025

NCSC) FBI Warns of Increasing Threat of Cyber Criminals Utilizing Artificial Intelligence (FBI) 4 - Groups call for IoT end-of-life disclosure law Manufacturers of internet-of-things (IoT) devices should be required by law to disclose the products theyre no longer supporting, so that customers are aware of the security risks those products pose.

Risk

Digital Shadows

MARCH 17, 2025

VPN Infrastructures Allure for Threat Actors PNs have become a fundamental part of network security for organizations worldwide, enabling secure remote access to systems, encrypting sensitive data during transmission, and protecting internal networks from unauthorized access. This threat hunt identifies accounts at risk of this attack vector.

VPN

SecureList

NOVEMBER 29, 2024

The threat actor specializes in encrypting and then deleting its targets’ data, which suggests that the group’s primary objective is to cause as much damage as possible. Head Mare post on X Head Mare has targeted a variety of industries, including government, energy, transportation, manufacturing and entertainment.

Energy and Utilities

SecureList

APRIL 25, 2025

Neither payload is encrypted. Loading the configuration All field values within the configuration are encrypted using AES-128 in ECB mode and then encoded with Base64. For this purpose, the malware periodically transmits a wealth of device information (MAC address, model, CPU, manufacturer, IMEI, IMSI, etc.),

Cryptocurrency

eSecurity Planet

NOVEMBER 4, 2024

The fix: Use encryption for all your Git configuration; avoid committing sensitive data, including credentials; and set strict access requirements for your repositories. These flaws could particularly affect smart devices in manufacturing and supply chain environments. The tools are found on underground marketplaces.

Software

Security Boulevard

FEBRUARY 14, 2025

CISA and FBI urge manufacturers to use proven prevention methods and mitigations to eliminate this class of defect while urging software customers to demand secure products from manufacturers that include these preventions, the agencies wrote in a joint fact sheet. Kirsten Gillibrand (D-N.Y.)

Banking

Malwarebytes

FEBRUARY 26, 2025

I use end-to-end-encrypted (E2EE) messaging for a reason. Im not oblivious to the many users that would be better off with such a service, but Im not so sure theyd appreciate it. However, what really concerned me is the fact that Google is looking at my incoming and outgoing pictures.

Artificial Intelligence

Digital Shadows

NOVEMBER 27, 2024

Example: A pharmaceutical manufacturer uses an AI tool to help them test and refine their drug formulas. The model it’s built on collects the manufacturer’s formula data to retrain its model. Example: A manufacturing company uses an AI tool for supply-chain management.

Energy and Utilities

SecureList

NOVEMBER 28, 2024

However, P8 contains many built-in functions and redesigns of the communication protocol and encryption algorithm, making it a well-designed and powerful espionage platform. Most of the infections were still at financial institutions in Vietnam, with one victim active in the manufacturing industry.

Malware

Centraleyes

JUNE 23, 2025

Real-World Applications of Zero Trust in 2025 Surespan, a UK-based manufacturer involved in major infrastructure projects, implemented Zero Trust to address security challenges as its global operations expanded. Here’s why this is important: Zero Trust relies heavily on encryption to secure communications and protect sensitive data.

Encryption

SecureWorld News

APRIL 3, 2025

Then came the inevitable: a ransomware attack that encrypted patient records, forced appointment cancellations for three weeks, and ultimately cost more than $12 million in recovery costs, regulatory fines, and lost revenue. Sarah, a newly appointed CISO at a manufacturing company, inherited a failed multi-factor authentication project.

Ransomware

Webroot

MARCH 12, 2025

Backing up your data simply means creating copies of your important files and storing them in secure, encrypted locations. Many hard drives fail in less than three years , and its been found that the newer drives have shorter lifespans than those manufactured before 2015.

Backups

Security Boulevard

MAY 2, 2025

Earlier in 2024, CISA joined the National Security Agency to publish five information sheets detailing cloud security best practices and mitigations in areas including cloud IAM; keys management; network segmentation and encryption; and data protection. Tenable was one of the 68 original signatories of the pledge.

Cybersecurity

SecureWorld News

JULY 10, 2025

Manufacturing and logistics firms, increasingly digitized and AI-driven, are acutely at risk: state-aligned hackers are "infiltrating the digital arteries of commerce" from ports to payment systems. Nation-state actors have experimented with implanting backdoors on hardware components during manufacturing—a nightmare scenario for detection.

Manufacturing