Hacking, Internet, Malware and Manufacturing

IoT devices at major Manufacturers infected with crypto-miner

Security Affairs

FEBRUARY 8, 2020

Hackers have infected with a piece of malware some IoT devices running Windows 7 designed by three of the world’s largest manufacturers. Security experts from TrapX reported that some IoT devices running Windows 7 have been infected with a piece of malware, is it a supply chain attack? ” continues the report.

Manufacturing

Manufacturing IoT Malware Cryptocurrency

Compal, the Taiwanese giant laptop manufacturer hit by ransomware

Security Affairs

NOVEMBER 9, 2020

The Taiwanese electronics manufacture Compal suffered a ransomware attack over the weekend, media blames the DoppelPaymer ransomware gang. It is the second-largest contract laptop manufacturer in the world behind Quanta Computer. “According to the Internet PTT, 30% of the computers have been hit. Pierluigi Paganini.

Manufacturing

Manufacturing Computers and Electronics Ransomware Media

VNC instances exposed to Internet pose critical infrastructures at risk

Security Affairs

AUGUST 15, 2022

Researchers from Cyber looked for VNC exposed over the internet and discovered over 8000 VNC instances with authentication disabled, most of them in China, Sweden, and the United States. Exposing VNCs to the internet, increases the likelihood of a cyberattack. connected via VNC and exposed over the internet. Pierluigi Paganini.

Internet

Internet Internet Risk Cybercrime

TinyNuke banking malware targets French organizations

Security Affairs

DECEMBER 13, 2021

The TinyNuke malware is back and now was used in attacks aimed at French users working in manufacturing, technology, construction, and business services. Proofpoint researchers uncovered a campaign exclusively targeting French entities and organizations with operations in France with the banking malware TinyNuke.

Banking

Banking Malware Manufacturing Business Services

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

Security Affairs

APRIL 16, 2024

The Dark Angels (Dunghill) ransomware group claims the hack of the chipmaker Nexperia and the theft of 1 TB of data from the company. The Dark Angels (Dunghill) ransomware group claims responsibility for hacking chipmaker Nexperia and stealing 1 TB of the company’s data. ” reads the press statement published by the company.

Ransomware

Ransomware Manufacturing Hacking Insurance

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

Security Affairs

MAY 5, 2021

A new cybercrime gang, tracked as UNC2529 , has targeted many organizations in the US and other countries using new sophisticated malware. A new financially motivated threat actor, tracked by FireEye Experts as UNC2529, has targeted many organizations in the United States and other countries using several new pieces of malware.

Cybercrime

Cybercrime Malware Manufacturing Retail

Experts spotted a new Android malware while investigating by Russia-linked Turla APT

Security Affairs

APRIL 4, 2022

Researchers spotted a new piece of Android malware while investigating activity associated with Russia-linked APT Turla. Researchers at cybersecurity firm Lab52 discovered a new piece of Android malware while investigating into infrastructure associated with Russia-linked APT Turla. 240 address. ACCESS_WIFI_STATE View WIFI information.

Malware

Malware Internet Internet Manufacturing

Security Affairs newsletter Round 426 by Pierluigi Paganini – International edition

Security Affairs

JULY 2, 2023

WordPress sites using the Ultimate Member plugin are under attack LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC Avast released a free decryptor for the Windows version of the Akira ransomware Iran-linked Charming Kitten APT enhanced its POWERSTAR Backdoor miniOrange’s WordPress Social Login and Register plugin (..)

Cybercrime

Cybercrime Hacking Ransomware Malware

Malware found pre-installed in cheap push-button mobile phones sold in Russia

Security Affairs

SEPTEMBER 6, 2021

Security researcher ValdikSS found malware preinstalled in four low-budget push-button mobile phones available for sale on Russian e-stores. A Russian security researcher that goes online with the name of ValdikSS has found malware preinstalled in four low-budget push-button mobile phones available for sale on Russian e-stores.

Mobile

Mobile Malware Firmware Manufacturing

Hacking IoT & RF Devices with BürtleinaBoard

Security Affairs

JULY 28, 2020

Yet another Multipurpose Breakout Board to hack hardware in a clean and easy way! How to hack IoT & RF Devices with BürtleinaBoard. Despite FocacciaBoard is extremely useful during my night-to-night hardware hacking needs… there is another set of tools I cannot live without: pin enumeration ones. UART, JTAG, SWD, SPI, I2C).

IoT

IoT Hacking Firmware Advertising

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

Krebs on Security

SEPTEMBER 10, 2021

The assault came from “ Meris ,” the same new “Internet of Things” (IoT) botnet behind record-shattering attacks against Russian search giant Yandex this week and internet infrastructure firm Cloudflare earlier this summer. Cloudflare recently wrote about its attack , which clocked in at 17.2 Image: Qrator.

IoT

IoT DDOS Internet Internet

The Link Between AWM Proxy & the Glupteba Botnet

Krebs on Security

JUNE 28, 2022

On December 7, 2021, Google announced it was suing two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. But on Dec.

Passwords

Passwords Malware Internet Internet

Ransomware attacks break records in 2023: the number of victims rose by 128%

Security Affairs

JANUARY 19, 2024

Based on Ransomlooker, a free Cybernews tool for monitoring the dark web and other hidden areas of the internet, more ransomware attacks occurred in spring and summer, with 1253 and 1275 victims, compared to winter and autumn, which had 611 and 1052 incidents, respectively. Winter was the least active time (14.6%

Ransomware

Ransomware Manufacturing Retail Insurance

Updated Kmsdx botnet targets IoT devices

Security Affairs

AUGUST 28, 2023

Researchers spotted an updated version of the KmsdBot botnet that is now targeting Internet of Things (IoT) devices. The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices.

IoT

IoT DDOS Architecture Internet

Unraveling the truth behind the DDoS attack from electric toothbrushes

Security Affairs

FEBRUARY 8, 2024

The journalists reported that threat actors gained access to three million electric toothbrushes and installed a malware that joined them to the botnet. how are they connected to the Internet (hint: they aren't, they are… [link] — Robᵉʳᵗ Graham ? There are no details, like who is the target of the DDoS?

DDOS

DDOS IoT Media Internet

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

US and UK cybersecurity agencies issued a joint advisory about the spread of QSnatch Data-Stealing Malware that already infected over 62,000 QNAP NAS devices. The malicious code specifically targets QNAP NAS devices manufactured by Taiwanese company QNAP, it already infected over 62,000 QNAP NAS devices.

Malware

Malware Firmware Advertising Manufacturing

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers.

Hacking

Hacking VPN Advertising Financial Services

ZuoRAT is a sophisticated malware that mainly targets SOHO routers

Malwarebytes

JUNE 30, 2022

The researchers identified infected routers of several manufacturers including popular brands like ASUS, Cisco, DrayTek, and NETGEAR. The threat actor can then use DNS hijacking and HTTP hijacking to cause the connected devices to install other malware. ZuoRAT looks like a heavily modified version of the Mirai malware.

DNS

DNS Malware Small Business Firmware

QNAP urges users to update Malware Remover after QSnatch joint alert

Security Affairs

AUGUST 2, 2020

The Taiwanese vendor QNAP urges its users to update the Malware Remover app following the alert on the QSnatch malware. The Taiwanese company QNAP is urging its users to update the Malware Remover app to prevent NAS devices from being infected by the QSnatch malware. Webshell functionality for remote access.

Malware

Malware Advertising Passwords Manufacturing

LockBit threatens to leak medical data of cancer patients stolen from Varian Medical Systems

Security Affairs

AUGUST 8, 2023

The LockBit ransomware group claims to have hacked the healthcare company Varian Medical Systems and threatens to leak the medical data of cancer patients. designs, manufactures, sells, and services medical devices and software products for treating cancer and other medical conditions worldwide. Varian Medical Systems, Inc.

Ransomware

Ransomware Manufacturing Healthcare IoT

New TA2101 threat actor poses as government agencies to distribute malware

Security Affairs

NOVEMBER 15, 2019

A new threat actor tracked as TA2101 is conducting malware campaigns using email to impersonate government agencies in the United States, Germany, and Italy. Another campaign observed by ProofPoint aimed at German users impersonating the German internet service provider 1&1 Internet AG. SecurityAffairs – TA2101, hacking).

Government

Government Malware Social Engineering Banking

THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!

Security Affairs

OCTOBER 19, 2023

During the reporting period, key findings include: DDoS and ransomware rank the highest among the prime threats, with social engineering, data related threats, information manipulation, supply chain, and malware following. Information manipulation has been as a key element of Russia’s war of aggression against Ukraine has become prominent.

Social Engineering

Social Engineering Artificial Intelligence Engineering Ransomware

Space and defense tech maker Exail Technologies exposes database access

Security Affairs

SEPTEMBER 21, 2023

Exail Technologies, a high-tech manufacturer whose clients include the US Coast Guard, exposed sensitive company data that could’ve enabled attackers to access its databases. The publicly accessible.env file, hosted on the exail.com website, was exposed to the internet, meaning that anyone could have accessed it.

Technology

Technology Internet Internet Manufacturing

Security Affairs newsletter Round 357 by Pierluigi Paganini

Security Affairs

MARCH 13, 2022

CVE-2022-0492 flaw in Linux Kernel cgroups feature allows container escape Charities and NGOs providing support in Ukraine hit by malware. SecurityAffairs – hacking, newsletter). If you want to also receive for free the newsletter with the international press subscribe here. Follow me on Twitter: @securityaffairs and Facebook.

Data breaches

Data breaches Firmware Hacking Ransomware

Medtronic Devices Fatal Flaw? Hackers Demonstrate New Attacks

Adam Levin

AUGUST 13, 2018

Security researchers at the recent Black Hat and Def Con security conferences in Las Vegas have placed malware on pacemakers as a proof-of-concept hack to highlight the potential for security vulnerabilities in IoT-enabled medical devices. Medtronic manufactures the targeted pacemakers.

IoT

IoT Encryption Manufacturing Healthcare

Successful operations against Russian Sandworm and Strontium groups targeting Ukraine revealed

Malwarebytes

APRIL 8, 2022

On Wednesday, the DOJ announced that it had disrupted GRU’s control over thousands of internet-connected firewall devices compromised by the Russian Sandworm group. It has been held responsible for destroying entire Ukrainian networks, triggering blackouts by targeting electrical utilities, and releasing the NotPetya malware.

Malware

Malware Internet Internet Government

Hackers claim to have compromised 50,000 home cameras and posted footage online

Security Affairs

OCTOBER 19, 2020

A hacker collective claims to have hacked over 50,000 home security cameras and published their footage online, some of them on adult sites. “Clips from the hacked footage have been uploaded on pornographic sites recently, with several explicitly tagged as being from Singapore.” ” reported The New Paper.”

IoT

IoT Internet Internet Hacking

Trend Micro observed notable malware activity associated with the Momentum Botnet

Security Affairs

DECEMBER 18, 2019

Security experts recently found notable malware activity affecting devices running Linux that is associated with the Momentum Botnet. Malware researchers from Trend Micro recently observed notable malware activity affecting devices running Linux that is associated with the Momentum Botnet. ” concludes the analysis.

Malware

Malware DDOS DNS Advertising

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

The number of sensors and smart devices connected to the internet is exponentially rising, which are the 5 Major Vulnerabilities for IoT devices. Unfortunately, at that moment, there were over 300,000 of those cameras connected to the internet. This type of malware attack is called a botnet attack. Malware, phishing, and web.

IoT

IoT Cybersecurity Manufacturing Internet

Fbot malware targets HiSilicon DVR/NVR Soc devices

Security Affairs

FEBRUARY 24, 2019

The Fbot malware was first discovered by 360Netlab researchers, according to the experts, the root problem might be a specific OEM application running on top of the HiSilicon devices. The experts only observed a few different camera brands as a number of camera manufacturers OEM HiSilicon DVR/NVR Soc device. Pierluigi Paganini.

Malware

Malware Passwords Advertising Manufacturing

Security in a World of Physically Capable Computers

Schneier on Security

OCTOBER 12, 2018

Stories like the recent Facebook hack , the Equifax hack and the hacking of government agencies are remarkable for how unremarkable they really are. As a result, we are stuck with hackable internet protocols, computers that are riddled with vulnerabilities and networks that are easily penetrated.

Government

Government Internet Internet Marketing

GoDaddy discloses a new data breach

Security Affairs

FEBRUARY 18, 2023

GoDaddy discloses a security breach, threat actors have stolen source code and installed malware on its servers in a long-runing attack. Web hosting company GoDaddy announced that attackers have stolen source code and installed malware on its servers. The malware intermittently redirected random customer websites to malicious sites.”

Data breaches

Data breaches Malware Cyber Attacks Manufacturing

GhostDNS malware already infected over 100K+ devices and targets 70+ different types of home routers

Security Affairs

OCTOBER 1, 2018

Security experts from Qihoo 360 NetLab spotted GhostDNS, a malware that already infected over 100K+ devices and targets 70+ different types of routers. Security experts from Qihoo 360 NetLab have uncovered an ongoing hacking campaign that leverages the GhostDNS malware. ” reads the analysis published by the experts.

DNS

DNS Malware Firmware Phishing

3CX voice and video conferencing software victim of a supply chain attack

Security Affairs

MARCH 30, 2023

The products from multiple cybersecurity vendors started detecting the popular software as malware suggesting that the company has suffered a supply chain attack. Earlier today @CrowdStrike reported a supply chain attack targeting the 3CX Voice Over Internet Protocol (VOIP) Windows desktop client.

Software

Software Malware Manufacturing Internet

China-linked APT likely linked to Fortinet zero-day attacks

Security Affairs

MARCH 17, 2023

“This involved the use of a local zero-day vulnerability in FortiOS (CVE-2022-41328) and deployment of multiple custom malware families on Fortinet and VMware systems.” ” reads the report published by Mandiant. digital signature verification of system files through targeted corruption of boot files.

Firewall

Firewall Manufacturing Government Firmware

China-linked APT Volt Typhoon linked to KV-Botnet

Security Affairs

DECEMBER 13, 2023

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Volt Typhoon)

Small Business

Small Business Technology VPN Manufacturing

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Chaput said the spammers used more than 1,500 Internet addresses across 400 providers to register new accounts, which then followed popular accounts on Mastodon and sent private mentions to the followers of those accounts. that were created from different Internet addresses in Vienna, Austria. pw was their domain.

Scams

Scams DDOS Cryptocurrency Accountability

MY TAKE: Iran’s cyber retaliation for Soleimani assassination continues to ramp up

The Last Watchdog

FEBRUARY 3, 2020

Samide and other experts say what’s coming next is very likely to be a series of varied attacks as combatants on all sides leverage footholds gained from ongoing intelligence gathering and malware planting. It’s notable that hacks to gain access to, and maintain control of, industrial control systems are a recurring theme in cyber warfare.

Energy and Utilities

Energy and Utilities Malware Hacking Passwords

Critical Success Factors to Widespread Deployment of IoT

Thales Cloud Protection & Licensing

FEBRUARY 16, 2021

Mirai, Jeep Hack, etc.) An IoT device connected to a network is simply a potential bridge between the internet and a malicious entity. Driven by the need to secure themselves against increasing threats, organizations (both manufacturers and IoT consumers) realize that they need better built-in security. Threat vectors on IoT.

IoT

IoT Manufacturing Energy and Utilities Data collection

Realtek SDK flaws exploited to deliver Mirai bot variant

Security Affairs

AUGUST 24, 2021

Just yesterday, only two days after the publication, our home security solution, Secure Home , detected attempts to exploit these vulnerabilities to spread a variant of a Mirai malware.” Mirai is a notorious IoT and router malware circulating in various forms for the last 5 years. SecurityAffairs – hacking, InkySquid).

IoT

IoT Firmware Internet Internet

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

Security Affairs

JUNE 6, 2024

“We are reaching out to known LockBit victims and encouraging anyone who suspects they were a victim to visit our Internet Crime Complaint Center at ic3.gov.” Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, ransomware) on January 5, 2020.

Energy and Utilities

Energy and Utilities Ransomware Encryption Financial Services

Router security in 2021

SecureList

JUNE 8, 2022

A router is a gateway from the internet to a home or office — despite being conceived quite the opposite. Routers are forever being hacked and infected, and used to infiltrate local networks. Moreover, most of these routers had the name HACKED-ROUTER-HELP-SOS-DEFAULT-PASSWORD, indicating they had already been compromised.

DDOS

DDOS Passwords IoT Firmware

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

Security Affairs

AUGUST 20, 2021

Microsoft researchers reported that the Mozi botnet was improved by implementing news capabilities to target network gateways manufactured by Netgear, Huawei, and ZTE. Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. Pierluigi Paganini.

IoT

IoT DNS Manufacturing Firmware

Spotlight: as Attacks Mount, how to secure the Industrial Internet

The Security Ledger

DECEMBER 19, 2018

. » Related Stories Podcast Episode 117: Insurance Industry Confronts Silent Cyber Risk, Converged Threats Spotlight Podcast: CSS on why Crypto Agility is the Key to Securing Internet of Things Identities Cryptojacking and MikroTik’s Bad-Feeling Feel Good Patch Story. “Industry 4.0”

Internet

Internet Internet IoT Cyber Risk

IoT devices at major Manufacturers infected with crypto-miner

Compal, the Taiwanese giant laptop manufacturer hit by ransomware

Trending Sources

VNC instances exposed to Internet pose critical infrastructures at risk

TinyNuke banking malware targets French organizations

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

Experts spotted a new Android malware while investigating by Russia-linked Turla APT

Security Affairs newsletter Round 426 by Pierluigi Paganini – International edition

Malware found pre-installed in cheap push-button mobile phones sold in Russia

Hacking IoT & RF Devices with BürtleinaBoard

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

The Link Between AWM Proxy & the Glupteba Botnet

Ransomware attacks break records in 2023: the number of victims rose by 128%

Updated Kmsdx botnet targets IoT devices

Unraveling the truth behind the DDoS attack from electric toothbrushes

QSnatch malware infected over 62,000 QNAP NAS Devices

Iran-linked APT group Pioneer Kitten sells access to hacked networks

ZuoRAT is a sophisticated malware that mainly targets SOHO routers

QNAP urges users to update Malware Remover after QSnatch joint alert

LockBit threatens to leak medical data of cancer patients stolen from Varian Medical Systems

New TA2101 threat actor poses as government agencies to distribute malware

THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!

Space and defense tech maker Exail Technologies exposes database access

Security Affairs newsletter Round 357 by Pierluigi Paganini

Medtronic Devices Fatal Flaw? Hackers Demonstrate New Attacks

Successful operations against Russian Sandworm and Strontium groups targeting Ukraine revealed

Hackers claim to have compromised 50,000 home cameras and posted footage online

Trend Micro observed notable malware activity associated with the Momentum Botnet

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Fbot malware targets HiSilicon DVR/NVR Soc devices

Security in a World of Physically Capable Computers

GoDaddy discloses a new data breach

GhostDNS malware already infected over 100K+ devices and targets 70+ different types of home routers

3CX voice and video conferencing software victim of a supply chain attack

China-linked APT likely linked to Fortinet zero-day attacks

China-linked APT Volt Typhoon linked to KV-Botnet

Interview With a Crypto Scam Investment Spammer

MY TAKE: Iran’s cyber retaliation for Soleimani assassination continues to ramp up

Critical Success Factors to Widespread Deployment of IoT

Realtek SDK flaws exploited to deliver Mirai bot variant

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

Router security in 2021

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

Spotlight: as Attacks Mount, how to secure the Industrial Internet

Stay Connected