Information Security, Internet and Manufacturing

Compal, the Taiwanese giant laptop manufacturer hit by ransomware

Security Affairs

NOVEMBER 9, 2020

The Taiwanese electronics manufacture Compal suffered a ransomware attack over the weekend, media blames the DoppelPaymer ransomware gang. It is the second-largest contract laptop manufacturer in the world behind Quanta Computer. “According to the Internet PTT, 30% of the computers have been hit. . Pierluigi Paganini.

Manufacturing

Manufacturing Computers and Electronics Ransomware Media

IoT devices at major Manufacturers infected with crypto-miner

Security Affairs

FEBRUARY 8, 2020

Hackers have infected with a piece of malware some IoT devices running Windows 7 designed by three of the world’s largest manufacturers. Security experts from TrapX reported that some IoT devices running Windows 7 have been infected with a piece of malware, is it a supply chain attack? Pierluigi Paganini.

Manufacturing

Manufacturing IoT Malware Cryptocurrency

VNC instances exposed to Internet pose critical infrastructures at risk

Security Affairs

AUGUST 15, 2022

Researchers from Cyber looked for VNC exposed over the internet and discovered over 8000 VNC instances with authentication disabled, most of them in China, Sweden, and the United States. Exposing VNCs to the internet, increases the likelihood of a cyberattack. connected via VNC and exposed over the internet. Pierluigi Paganini.

Internet

Internet Internet Risk Cybercrime

Access:7 flaws impact +150 device models from over 100 manufacturers

Security Affairs

MARCH 8, 2022

The platform allows remote access and management of connected devices to manufacturers through an agent is installed on devices. The impact of these flaws is widespread, experts determine that the issues impact more than 150 device models from over 100 manufacturers. Follow me on Twitter: @securityaffairs and Facebook.

Manufacturing

Manufacturing IoT Authentication Financial Services

SHARED INTEL: From airbags to malware: vehicle cyber safety arises in the age of connected cars

The Last Watchdog

MAY 15, 2023

Funso Richard , Information Security Officer at Ensemble , highlighted the gravity of these threats. More recently, Sultan Qasim Khan, a principal security adviser with a UK-based security firm, tricked a Tesla into thinking the driver was inside by rerouting communication between the automaker’s mobile app and the car.

Malware

Malware Manufacturing IoT Software

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

Security Affairs

APRIL 16, 2024

Nexperia is a semiconductor manufacturer headquartered in Nijmegen, the Netherlands. In response to the incident, the company disconnected the affected systems from the internet to prevent the threat from spreading. The Nexperia launched an investigation into the security breach with the help of third-party cybersecurity experts.

Ransomware

Ransomware Manufacturing Hacking Insurance

A cyberattack halted operations at Varta production plants

Security Affairs

FEBRUARY 15, 2024

On February 12, 2023, a cyber attack halted operations at five production plants of German battery manufacturer Varta. On February 13, German battery manufacturer Varta announced that a cyber attack forced the company to shut down IT systems. The attack disrupted operations at five production plants and the administration.

Manufacturing

Manufacturing Cyber Attacks Ransomware Internet

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

The number of internet-facing cameras in the world is growing exponentially. Businesses and homeowners increasingly rely on internet protocol (IP) cameras for surveillance. New research by Cybernews shows an exponential rise in the uptake of internet-facing cameras. Surge in internet-facing cameras.

Surveillance

Surveillance Manufacturing Passwords Internet

Ransomware attacks break records in 2023: the number of victims rose by 128%

Security Affairs

JANUARY 19, 2024

Based on Ransomlooker, a free Cybernews tool for monitoring the dark web and other hidden areas of the internet, more ransomware attacks occurred in spring and summer, with 1253 and 1275 victims, compared to winter and autumn, which had 611 and 1052 incidents, respectively. Winter was the least active time (14.6%

Ransomware

Ransomware Manufacturing Retail Insurance

Unraveling the truth behind the DDoS attack from electric toothbrushes

Security Affairs

FEBRUARY 8, 2024

how are they connected to the Internet (hint: they aren't, they are… [link] — Robᵉʳᵗ Graham ? ErrataRob) February 7, 2024 Several experts explained that electric toothbrushes have no direct connections to the internet, they relies on Bluetooth to connect to mobile apps. what was the brand of toothbrushes?

DDOS

DDOS IoT Media Internet

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

Security Affairs

AUGUST 4, 2022

Tens of router models from Taiwanese SOHO manufacturer DrayTek are affected by a critical, unauthenticated, remote code execution vulnerability, tracked as CVE-2022-32548, that can be exploited to fully compromise a vulnerable device and gain unauthorized access to the broader network. ” reads the advisory published by Trellix.

Hacking

Hacking Internet Internet Passwords

Nexx bugs allow to open garage doors, and take control of alarms and plugs

Security Affairs

APRIL 5, 2023

A series of vulnerabilities in multiple smart devices manufactured by Nexx can be exploited to remotely open garage doors, and take control of alarms and plugs. To mitigate the risk of the exploitation of the above flaws, it is recommended to disable internet connectivity for vulnerable Nexx devices or protect them with a firewall.

Manufacturing

Manufacturing Media Firewall Education

FBI warns of ransomware threat to food and agriculture

Malwarebytes

SEPTEMBER 3, 2021

.” Internet of Things. Agriculture may not be the first industry you associate with cybersecurity problems, but we all need to aware of the risks created by connecting this ancient part of our food supply chain to the Internet. The state of IoT is poor enough as it is, security wise.

Ransomware

Ransomware Manufacturing Passwords Internet

Updated Kmsdx botnet targets IoT devices

Security Affairs

AUGUST 28, 2023

Researchers spotted an updated version of the KmsdBot botnet that is now targeting Internet of Things (IoT) devices. The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices.

IoT

IoT DDOS Architecture Internet

LockBit threatens to leak medical data of cancer patients stolen from Varian Medical Systems

Security Affairs

AUGUST 8, 2023

designs, manufactures, sells, and services medical devices and software products for treating cancer and other medical conditions worldwide. The LockBit ransomware group claims to have hacked the healthcare company Varian Medical Systems and threatens to leak the medical data of cancer patients. Varian Medical Systems, Inc.

Ransomware

Ransomware Healthcare Manufacturing IoT

ISO/IEC 27400 IoT security and privacy standard published

Notice Bored

JUNE 13, 2022

The new ISO/IEC 27400 standard takes a broad perspective with copious advice on information security and privacy for the designers, manufacturers, purchasers, users and administrators of IoT things.

IoT

IoT Manufacturing Risk Information Security

Czech cyber-security agency warns over Huawei, ZTE security threat

Security Affairs

DECEMBER 18, 2018

The Chinese nightmare is rapidly spreading among European countries, now a Czech cyber-security agency is warning against using the equipment manufactured by Chinese firms Huawei and ZTE because they pose a threat to state security. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Manufacturing

Manufacturing Internet Internet Advertising

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Chaput said the spammers used more than 1,500 Internet addresses across 400 providers to register new accounts, which then followed popular accounts on Mastodon and sent private mentions to the followers of those accounts. that were created from different Internet addresses in Vienna, Austria.

Scams

Scams DDOS Cryptocurrency Accountability

Space and defense tech maker Exail Technologies exposes database access

Security Affairs

SEPTEMBER 21, 2023

Exail Technologies, a high-tech manufacturer whose clients include the US Coast Guard, exposed sensitive company data that could’ve enabled attackers to access its databases. The publicly accessible.env file, hosted on the exail.com website, was exposed to the internet, meaning that anyone could have accessed it.

Technology

Technology Internet Internet Manufacturing

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. “If only 153,414 devices on the internet are patched, that leaves 335,923 / 489,337 = 69% unpatched.” states the report published by Fortinet.

Firewall

Firewall VPN Firmware Internet

Belgium telecom operators Proximus and Orange drop Huawei

Security Affairs

OCTOBER 10, 2020

Major Belgium’s telecom operator Proximus announced on Friday that it will gradually replace its equipment from the Chinese manufacturer Huawei. One of the major Belgium telecom operator Proximus announced on Friday that it will gradually replace its equipment from the Chinese manufacturer Huawei.

Mobile

Mobile Manufacturing Wireless Internet

An educational robot security research

SecureList

FEBRUARY 27, 2024

Toy manufacturers are striving to keep up with these trends, releasing more and more models that can also be called “smart.” ” For instance, educational robots that connect to the internet and support video calls. Toy The robot connects to a home Wi-Fi network and interacts with the application through the internet.

Education

Education Manufacturing Firmware Internet

How to secure QNAP NAS devices? The vendor’s instructions

Security Affairs

JANUARY 7, 2022

. “Ransomware and brute-force attacks have been widely targeting all networking devices, and the most vulnerable victims will be those devices exposed to the Internet without any protection. QNAP urges all QNAP NAS users to follow the security setting instructions below to ensure the security of QNAP networking devices.”

Internet

Internet Internet Ransomware Encryption

Toyota Italy accidentally leaked sensitive data

Security Affairs

MARCH 28, 2023

Threat actors could abuse this information to gain access to Toyota clients’ phone numbers and email addresses and abuse them to launch phishing attacks. Cybernews has reached out to the car manufacturer, and, at the time of writing, the dataset has been secured. env) hosted on the official Toyota Italy website.

Marketing

Marketing Manufacturing Phishing IoT

Czech public radio says Huawei Czech Unit secretly collected data

Security Affairs

JULY 22, 2019

In December 2018, the Czech National Cyber and Information Security Agency warned against using the equipment manufactured by Chinese firms Huawei and ZTE because they pose a threat to state security. The Chinese firm was already excluded by several countries from building their 5G internet networks.

Manufacturing

Manufacturing Internet Internet Advertising

Hackers claim to have compromised 50,000 home cameras and posted footage online

Security Affairs

OCTOBER 19, 2020

As worrying as it may seem, this comes as a clear reminder that when cameras are placed on the internet, they must be properly installed with security in mind. When smart devices are set up, they are still regularly placed around the home with no second thought for privacy,” said ESET Security Specialist Jake Moore.

IoT

IoT Internet Internet Hacking

Siemens Metaverse exposes sensitive corporate data

Security Affairs

APRIL 15, 2023

Siemens Metaverse, a virtual space built to mirror real machines, factories, and other highly complex systems, has exposed sensitive data, including the company’s office plans and internet of things (IoT) devices. The most worrying discovery was that of exposed office management platform ComfyApp user credentials.

Manufacturing

Manufacturing IoT Technology Authentication

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

The number of sensors and smart devices connected to the internet is exponentially rising, which are the 5 Major Vulnerabilities for IoT devices. A hacker managed to identify a weak spot in a security camera model. Unfortunately, at that moment, there were over 300,000 of those cameras connected to the internet.

IoT

IoT Cybersecurity Manufacturing Internet

TinyNuke banking malware targets French organizations

Security Affairs

DECEMBER 13, 2021

The TinyNuke malware is back and now was used in attacks aimed at French users working in manufacturing, technology, construction, and business services. The attackers used invoice-themed lures targeting entities in manufacturing, industry, technology, finance, and other verticals. .

Banking

Banking Malware Manufacturing Business Services

Meet the 2021 SC Awards judges

SC Magazine

MAY 1, 2021

Below is our esteemed panel of SC Awards judges, contributing from health care, engineering, finance, education, manufacturing, nonprofit and consulting, among others. Prior to Mastercard, Abdullah was the chief information security officer at Xerox, where she established and led a corporate-wide information risk management program.

Computers and Electronics

Computers and Electronics Technology Education Information Security

Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs

Security Affairs

MARCH 21, 2023

Cryptocurrency ATM maker General Bytes suffered a security breach over the weekend, the hackers stole $1.5M Cryptocurrency ATM manufacturers General Bytes suffered a security incident that resulted in the theft of $1.5M GENERAL BYTES is the world’s largest Bitcoin, Blockchain, and Cryptocurrency ATM manufacturer.

Cryptocurrency

Cryptocurrency VPN Manufacturing Firewall

NI CompactRIO controller flaw could allow disrupting production

Security Affairs

DECEMBER 12, 2020

A high-severity vulnerability affecting CompactRIO controllers manufactured by the vendor National Instruments (NI) could allow remote attackers to disrupt production processes in an organization. Cybersecurity and Infrastructure Security Agency (CISA) published a security advisory to warn organizations about the flaw.

Firmware

Firmware Manufacturing Software Authentication

THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!

Security Affairs

OCTOBER 19, 2023

ETL 2023 identified public administration as the most targeted sector (~19%), followed by targeted individuals (~11%), health (~8%), digital infrastructure (~7%) and manufacturing, finance and transport. Information manipulation has been as a key element of Russia’s war of aggression against Ukraine has become prominent.

Social Engineering

Social Engineering Artificial Intelligence Engineering Ransomware

FBI warns swatting attacks on owners of smart devices

Security Affairs

JANUARY 2, 2021

The FBI is working with private sector partners who manufacture smart devices to advise customers about the scheme and how to avoid being victimized. The FBI is also working to alert law enforcement first responders to this threat so they may respond accordingly.” Users should update their passwords on a regular basis.

Passwords

Passwords Surveillance Manufacturing Accountability

From a tech explosion to accidental cyberattacks, researchers offer a glimpse into 2030

SC Magazine

MAY 17, 2021

But what might they offer the front-facing information security officer – someone with a ten-year plan, wondering what to prepare for down the line? The project envisions security changes brought from massively increased work from home, pervasive (and more invasive) wearable health monitors, even recreational neural implants.

Manufacturing

Manufacturing IoT Artificial Intelligence Technology

China-linked APT likely linked to Fortinet zero-day attacks

Security Affairs

MARCH 17, 2023

When FortiManager was not exposed to the Internet, the threat actors deployed a traffic redirector (Tableflip) and a passive backdoor (Reptile) to circumvent the new ACLs. ” concludes Mandiant.

Firewall

Firewall Manufacturing Government Firmware

Security Affairs newsletter Round 426 by Pierluigi Paganini – International edition

Security Affairs

JULY 2, 2023

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime

Cybercrime Hacking Ransomware Malware

China-linked APT Volt Typhoon linked to KV-Botnet

Security Affairs

DECEMBER 13, 2023

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Small Business

Small Business Technology VPN Manufacturing

Russia-linked APT29 spotted targeting JetBrains TeamCity servers

Security Affairs

DECEMBER 14, 2023

According to Shodan, more than 3,000 on-premises servers are exposed to the Internet. And it’s even worse: With access to the build process, attackers can inject malicious code, compromising the integrity of software releases and impacting all downstream users.” reads the post published by Sonar. The flaw impacts on-premises version 2023.05.3

Antivirus

Antivirus Software Authentication Internet

US officials claim Huawei Equipment has secret backdoor for spying

Security Affairs

FEBRUARY 13, 2020

The United States continues to highlight the risks to national security in case of adoption of Huawei equipment and is inviting internet providers and telco operators in allied countries to ban Huawei. Chinese equipment is broadly adopted in many allied countries, including Germany, Italy, and Japan. ” reported the AP News.

Manufacturing

Manufacturing Advertising Surveillance Architecture

Swedish court suspended the ban on Huawei equipment

Security Affairs

NOVEMBER 12, 2020

Recently Belgian telecoms operators Orange Belgium and Proximus announced that it will gradually replace the equipment from the Chinese manufacturer Huawei. The Chinese giant was already excluded by several countries from building their 5G internet networks.

Wireless

Wireless Internet Internet Manufacturing

Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS?

Security Affairs

AUGUST 13, 2023

Check with the device manufacturers for available patches and update the device firmware to version to 3.5.19.0 are disconnected from the internet and segmented, regardless of whether they run CODESYS. Below are the recommendations provided by Microsoft: Apply patches to affected devices in your network.

Authentication

Authentication Firmware Hacking Passwords

3 Ways the Role of CIO Has Changed and Will Continue to Do So Going Forward

Thales Cloud Protection & Licensing

AUGUST 24, 2021

Finding #2: CIOs Must Embrace a Holistic Security Approach. Years before the pandemic struck, organizations first began adding Internet of Things (IoT) along with Industrial Internet of Things (IIoT) devices to their networks. But they didn’t always take the proper precautions to secure those devices. Data security.

IoT

IoT Technology Manufacturing Digital transformation

Sweden bans Huawei and ZTE from building its 5G infrastructure

Security Affairs

OCTOBER 21, 2020

Recently Belgian telecoms operators Orange Belgium and Proximus announced that it will gradually replace the equipment from the Chinese manufacturer Huawei. The Chinese giant was already excluded by several countries from building their 5G internet networks.

Wireless

Wireless Internet Internet Advertising

Compal, the Taiwanese giant laptop manufacturer hit by ransomware

IoT devices at major Manufacturers infected with crypto-miner

Trending Sources

VNC instances exposed to Internet pose critical infrastructures at risk

Access:7 flaws impact +150 device models from over 100 manufacturers

SHARED INTEL: From airbags to malware: vehicle cyber safety arises in the age of connected cars

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

A cyberattack halted operations at Varta production plants

3.5m IP cameras exposed, with US in the lead

Ransomware attacks break records in 2023: the number of victims rose by 128%

Unraveling the truth behind the DDoS attack from electric toothbrushes

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

Nexx bugs allow to open garage doors, and take control of alarms and plugs

FBI warns of ransomware threat to food and agriculture

Updated Kmsdx botnet targets IoT devices

LockBit threatens to leak medical data of cancer patients stolen from Varian Medical Systems

ISO/IEC 27400 IoT security and privacy standard published

Czech cyber-security agency warns over Huawei, ZTE security threat

Interview With a Crypto Scam Investment Spammer

Space and defense tech maker Exail Technologies exposes database access

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Belgium telecom operators Proximus and Orange drop Huawei

An educational robot security research

How to secure QNAP NAS devices? The vendor’s instructions

Toyota Italy accidentally leaked sensitive data

Czech public radio says Huawei Czech Unit secretly collected data

Hackers claim to have compromised 50,000 home cameras and posted footage online

Siemens Metaverse exposes sensitive corporate data

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

TinyNuke banking malware targets French organizations

Meet the 2021 SC Awards judges

Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs

NI CompactRIO controller flaw could allow disrupting production

THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!

FBI warns swatting attacks on owners of smart devices

From a tech explosion to accidental cyberattacks, researchers offer a glimpse into 2030

China-linked APT likely linked to Fortinet zero-day attacks

Security Affairs newsletter Round 426 by Pierluigi Paganini – International edition

China-linked APT Volt Typhoon linked to KV-Botnet

Russia-linked APT29 spotted targeting JetBrains TeamCity servers

US officials claim Huawei Equipment has secret backdoor for spying

Swedish court suspended the ban on Huawei equipment

Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS?

3 Ways the Role of CIO Has Changed and Will Continue to Do So Going Forward

Sweden bans Huawei and ZTE from building its 5G infrastructure

Stay Connected