Information Security and Manufacturing - Cyber Security Informer

TIDRONE APT targets drone manufacturers in Taiwan

Security Affairs

SEPTEMBER 9, 2024

Trend Micro spotted an allegedly China-linked threat actor, tracked TIDRONE, targeting drone manufacturers in Taiwan. The attacks were detected in Taiwan and mostly targeted military-related industries, specifically the manufacturer of drones. “we investigated TIDRONE , a threat actor linked to Chinese-speaking groups.

Manufacturing

Manufacturing Antivirus Malware Software

Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps

Security Affairs

APRIL 16, 2025

Doctor Web warns that the attackers gained access to the supply chain of a number of Chinese manufacturers of Android-based smartphones. A third of the models listed below are manufactured under the SHOWJI brand.“ The kits analyzed by the company are commercialized by many manufacturers including Huawei, Lenovo and Xiaomi.

Malware

Malware Manufacturing Mobile Spyware

Undocumented hidden feature found in Espressif ESP32 microchip

Security Affairs

MARCH 9, 2025

Experts discovered an undocumented hidden feature in the ESP32 microchip manufactured by Espressif, which is used in over 1 billion devices. At the RootedCON , researchers at Tarlogic Innovation presented their findings on undocumented commands in the ESP32 microchip designed by the Chinese manufacturer Espressif.

IoT

IoT Manufacturing Firmware Marketing

PTZOptics cameras zero-days actively exploited in the wild

Security Affairs

NOVEMBER 2, 2024

GreyNoise worked with VulnCheck to disclose the two vulnerabilities responsibly. “The vulnerabilities impact NDI-enabled pan-tilt-zoom (PTZ) cameras from multiple manufacturers. VulnCheck alerted affected manufacturers to the flaws, only receiving a response from PTZOptics. ” reads the analysis published by GreyNoise.

Firmware

Firmware Manufacturing IoT Healthcare

Experts found rogue devices, including hidden cellular radios, in Chinese-made power inverters used worldwide

Security Affairs

MAY 18, 2025

The DOE said it assesses risks but faces challenges due to manufacturers’ poor disclosure. The DOE said it assesses risks, but faces challenges due to manufacturers’ poor disclosure. supply chains and integrate trusted equipment into the power grid as domestic manufacturing grows.

Energy and Utilities

Energy and Utilities Manufacturing Government Hacking

Airplane manufacturer Bombardier has disclosed a security breach, data leaked online

Security Affairs

FEBRUARY 24, 2021

Hackers posted data stolen from manufacturer of business jets Bombardier on Clop ransomware leak site following alleged FTA hack. Bombardier pointed out that manufacturing and customer support operations have not been impacted. If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Manufacturing

Manufacturing Ransomware Cybercrime Hacking

Power semiconductor component manufacturer Semikron suffered a ransomware attack

Security Affairs

AUGUST 3, 2022

Semikron, a German-based independent manufacturer of power semiconductor components, suffered a ransomware cyberattck. The company is investigating the security breach with the help of external cyber security and forensic experts. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Manufacturing

Manufacturing Ransomware Encryption Data breaches

Sierra Wireless halted production at its manufacturing sites due to ransomware attack

Security Affairs

MARCH 23, 2021

Sierra Wireless is a Canadian multinational wireless communications equipment designer and manufacturer headquartered in Richmond, British Columbia, Canada. Sierra Wireless announced it has halted its production at manufacturing facilities due to the ransomware attack, it is currently working to restart the production “soon.”.

Wireless

Wireless Manufacturing Ransomware IoT

WEF Outlines Path to Cyber Resilience for Manufacturing Sector

SecureWorld News

MAY 29, 2024

The manufacturing sector faces an increasingly daunting cyber threat landscape that puts production operations, intellectual property, and entire supply chains at risk. Manufacturers must make cyber resilience a fully institutionalized part of their organizational identity." trillion annually. "

Manufacturing

Manufacturing CISO Cyber threats Risk

Alphv group claims the hack of Clarion, a global manufacturer of audio and video equipment for cars

Security Affairs

SEPTEMBER 24, 2023

The Alphv ransomware group claims to have hacked Clarion, the global manufacturer of audio and video equipment for cars and other vehicles. The Alphv ransomware group added Clarion, the global manufacturer of audio and video equipment for cars and other vehicles, to the list of victims on its Tor leak site.

Manufacturing

Manufacturing Hacking Data breaches Ransomware

Threat actor claims to have hacked European manufacturer of missiles MBDA

Security Affairs

JULY 31, 2022

Threat actors that go online with the moniker Adrastea claim to have hacked the multinational manufacturer of missiles MBDA. The post Threat actor claims to have hacked European manufacturer of missiles MBDA appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Manufacturing

Manufacturing Hacking Passwords Cybersecurity

BlackByte ransomware group hit Asahi Group Holdings, a precision metal manufacturing and metal solution provider

Security Affairs

OCTOBER 30, 2022

The BlackByte ransomware group claims to have compromised Asahi Group Holdings, a precision metal manufacturing and metal solution provider. The post BlackByte ransomware group hit Asahi Group Holdings, a precision metal manufacturing and metal solution provider appeared first on Security Affairs. Asahi Group Holdings, Ltd.

Manufacturing

Manufacturing Ransomware Hacking Data breaches

Sarcoma ransomware gang claims the theft of sensitive data from PCB maker Unimicron

Security Affairs

FEBRUARY 12, 2025

The Sarcoma ransomware group announced a breach of the Taiwanese printed circuit board (PCB) manufacturing giant Unimicron. The Sarcoma ransomware group claims to have breached Taiwanese PCB manufacturer Unimicron, leaked sample files, and threatened a full data release if no ransom is paid by Tuesday, February 20, 2025.

Computers and Electronics

Computers and Electronics Ransomware Manufacturing Data breaches

QNAP fixed second zero-day demonstrated at Pwn2Own Ireland 2024

Security Affairs

OCTOBER 31, 2024

QNAP addressed the second zero-day vulnerability demonstrated by security researchers during the recent Pwn2Own Ireland 2024. Taiwanese manufacturer QNAP patched the second zero-day vulnerability, tracked as CVE-2024-50387 , which was exploited by security researchers during the recent Pwn2Own Ireland 2024.

Backups

Backups Manufacturing Hacking Information Security

A cyber attack forced the wind turbine manufacturer Nordex Group to shut down some of IT systems

Security Affairs

APRIL 6, 2022

Nordex Group, one of the largest manufacturers of wind turbines, was hit by a cyberattack that forced the company to shut down part of its infrastructure. Nordex Group, one of the world’s largest manufacturers of wind turbines, was the victim of a cyberattack that forced the company to take down multiple systems. Pierluigi Paganini.

Manufacturing

Manufacturing Cyber Attacks Ransomware Hacking

U.S. CISA adds PTZOptics camera bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

NOVEMBER 5, 2024

The vulnerabilities impact NDI-enabled pan-tilt-zoom (PTZ) cameras from multiple manufacturers. used in PTZOptics, Multicam Systems SAS, and SMTAV Corporation devices based on Hisilicon Hi3516A V600 SoC V60, V61, and V63 should take immediate action to patch the discovered vulnerabilities and secure their systems. concludes the report.

Firmware

Firmware Manufacturing Authentication IoT

BadBox 2.0 botnet infects millions of IoT devices worldwide, FBI warns

Security Affairs

JUNE 9, 2025

These compromised devices are used for criminal activity after attackers gain unauthorized access through security flaws. “Most of the infected devices were manufactured in China. The FBI published a Public Service Announcement (PSA) to warn that cybercriminals are using the BADBOX 2.0 ” BADBOX 2.0

IoT

IoT Internet Internet Advertising

XE Group shifts from credit card skimming to exploiting zero-days

Security Affairs

FEBRUARY 10, 2025

. “XE Group transitioned from credit card skimming to targeted information theft, marking a significant shift in their operational priorities.Their attacks now target supply chains in the manufacturing and distribution sectors, leveraging new vulnerabilities and advanced tactics.”

Manufacturing

Manufacturing Cybercrime Authentication Passwords

Rhysida Ransomware gang claims the hack of the Government of Peru

Security Affairs

MAY 3, 2025

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. According to the gangs Tor leak site, at least 182 companies are victims of the operation. The victims of the group are targets of opportunity.

Government

Government Hacking Ransomware Manufacturing

LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC

Security Affairs

JULY 1, 2023

The LockBit ransomware gang claims to have hacked Taiwan Semiconductor Manufacturing Company (TSMC). The LockBit ransomware group this week claimed to have hacked the Taiwan Semiconductor Manufacturing Company ( TSMC ) and $70 million ransom. In August 2018, a malware infected systems at several Taiwan Semiconductor Manufacturing Co.

Manufacturing

Manufacturing Ransomware Hacking Security Awareness

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

Security Affairs

NOVEMBER 6, 2024

0795 or above) Taiwanese manufacturer QNAP also patched three zero-day vulnerabilities that were exploited by security researchers during the recent Pwn2Own Ireland 2024. .” Below is the list of affected versions: BeePhotos for BeeStation OS 1.0 (Upgrade to 1.0.2-10026 10053 or above) Synology Photos 1.6

Firmware

Firmware Manufacturing Hacking Media

Texas oilfield supplier Newpark Resources suffered a ransomware attack

Security Affairs

NOVEMBER 8, 2024

. “The incident has caused disruptions and limitation of access to certain of the Company’s information systems and business applications supporting aspects of the Company’s operations and corporate functions, including financial and operating reporting systems.”

Ransomware

Ransomware Manufacturing Malware Hacking

Cleaning Products manufacturer Clorox Company took some systems offline after a cyberattack

Security Affairs

AUGUST 17, 2023

Cleaning products manufacturer Clorox Company announced that it has taken some systems offline in response to a cyberattack. The Clorox Company is a multinational consumer goods company that specializes in the production and marketing of various household and professional cleaning, health, and personal care products.

Manufacturing

Manufacturing Cyber Attacks Marketing Hacking

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

Security Affairs

APRIL 13, 2025

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Hacking

Hacking Manufacturing Education Government

SHARED INTEL: From airbags to malware: vehicle cyber safety arises in the age of connected cars

The Last Watchdog

MAY 15, 2023

Funso Richard , Information Security Officer at Ensemble , highlighted the gravity of these threats. More recently, Sultan Qasim Khan, a principal security adviser with a UK-based security firm, tricked a Tesla into thinking the driver was inside by rerouting communication between the automaker’s mobile app and the car.

Malware

Malware Manufacturing IoT Software

A new Mirai botnet variant targets DigiEver DS-2105 Pro DVRs

Security Affairs

DECEMBER 26, 2024

Hardware manufacturers do not always issue patches for retired devices, and the manufacturer itself may sometimes be defunct. Therefore, in circumstances in which security patches are unavailable and unlikely to come, we recommend upgrading vulnerable devices to a newer model.” ” concludes the report.

Manufacturing

Manufacturing Malware Firmware IoT

Ransomware attack hit Indian multinational Tata Technologies

Security Affairs

FEBRUARY 1, 2025

The company, which is engaged in product engineering, provides services to automotive and aerospace original equipment manufacturers as well as industrial machinery companies. Indian multinational Tata Technologies , a Tata Motors subsidiary, suspended some IT services following a ransomware attack.

Technology

Technology Ransomware Manufacturing Engineering

Mazda Connect flaws allow to hack some Mazda vehicles

Security Affairs

NOVEMBER 9, 2024

” The research targeted a CMU unit manufactured by Visteon, with software initially developed by Johnson Controls Inc. . “A physically present attacker could exploit these vulnerabilities by connecting a specially crafted USB device – such as an iPod or mass storage device – to the target system. x) may also be vulnerable.

Hacking

Hacking Firmware Software Manufacturing

NCSC: New UK law bans default passwords on smart devices

Security Affairs

APRIL 30, 2024

The UK National Cyber Security Centre (NCSC) orders smart device manufacturers to ban default passwords starting from April 29, 2024. National Cyber Security Centre (NCSC) is urging manufacturers of smart devices to comply with new legislation that bans default passwords. ” reads the announcement published by NCSC.

Passwords

Passwords Manufacturing Telecommunications IoT

Cloak ransomware group hacked the Virginia Attorney General’s Office

Security Affairs

MARCH 24, 2025

The group has extended its operations to countries in Asia and targets various sectors, including healthcare, real estate, construction, IT, food, and manufacturing.” . “Cloak primarily targets small to medium-sized businesses in Europe, with Germany as a key focus. ” reads a report published by Halcyon.

Ransomware

Ransomware Hacking Social Engineering Manufacturing

Cartier disclosed a data breach following a cyber attack

Security Affairs

JUNE 4, 2025

Cartier ( @Cartier ) has confirmed unauthorized access to its systems, compromising sensitive customer information. Cartier designs, manufactures, distributes, and sells jewelry, watches, leather goods, and accessories. Due to the data involved, the company warns customers to stay alert for unsolicited or suspicious communications.

Data breaches

Data breaches Cyber Attacks Manufacturing Banking

Hive0117 group targets Russian firms with new variant of DarkWatchman malware

Security Affairs

MAY 1, 2025

The financially-motivated group targeted organizations in the media, tourism, finance, insurance, manufacturing, energy, telecommunications, biotechnology and retail sectors. Hive0117 group has been active since February 2022, it is known for using DarkWatchman malware in phishing attacks across Russia, Belarus, Baltics and Kazakhstan.

Malware

Malware Phishing Telecommunications Antivirus

North Korea-linked APT37 exploited IE zero-day in a recent attack

Security Affairs

OCTOBER 19, 2024

The hackers targeted organizations in the chemicals, manufacturing, electronics, aerospace, healthcare, and automotive sectors. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, APT)

Internet

Internet Internet Engineering Malware

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

Security Affairs

MARCH 5, 2025

The company, which is engaged in product engineering, provides services to automotive and aerospace original equipment manufacturers as well as industrial machinery companies. The ransomware attack took place in January as per a regulatory filing with the Indian National Stock Exchange. ” reads the filing.

Technology

Technology Ransomware Engineering Manufacturing

North Korea-linked APT Kimsuky targeted German defense firm Diehl Defence

Security Affairs

OCTOBER 1, 2024

North Korea-linked APT Kimsuky has been linked to a cyberattack on Diehl Defence, a German manufacturer of advanced military systems. KG is a German weapon manufacturer headquartered in Überlingen. Diehl Defence GmbH & Co. It operates as a division of Diehl Stiftung and specializes in the production of missiles and ammunition. .”

Manufacturing

Manufacturing Hacking Cyber Attacks Malware

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

In the video, the REvil representative stated that the most desirable targets for the group were agriculture companies, manufacturers, insurance firms, and law firms. The REvil actor claimed that on average roughly one in three of its victims agrees to pay an extortion fee.

Hacking

Hacking Ransomware Banking Accountability

Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users

Security Affairs

DECEMBER 5, 2021

Researchers discovered a total of 226 potential security vulnerabilities in nine Wi-Fi popular routers from known manufacturers. “Some of the security issues were detected more than once. Since the integration of a new kernel into the firmware is costly, no manufacturer was up to date here.

Manufacturing

Manufacturing IoT Firmware VPN

Japanese tech firm Oomiya hit by LockBit 3.0. Multiple supply chains potentially impacted

Security Affairs

OCTOBER 17, 2022

Oomiya is focused on designing and manufacturing microelectronics and facility system equipment. The business of Omiya Kasei is divided into four major areas, manufacturing and designing chemical and industrial products, designing electronic materials, pharmaceutical development, and factory manufacturing.

Manufacturing

Manufacturing Ransomware Healthcare Marketing

A cyberattack disrupted operations of US chipmaker Microchip Technology

Security Affairs

AUGUST 22, 2024

Semiconductor manufacturer Microchip Technology announced that its operations were disrupted by a cyberattack. chipmaker Microchip Technology suffered a cyberattack that disrupted operations at several of its manufacturing plants. ” reads the FORM 8-K report filed with Securities and Exchange Commission (SEC).

Technology

Technology Manufacturing Hacking Cybersecurity

BootKitty Linux UEFI bootkit spotted exploiting LogoFAIL flaws

Security Affairs

DECEMBER 3, 2024

Bootkitty exploits LogoFAIL via tampered BMP files to inject shellcode, bypass Secure Boot, and target specific devices from different manufacturers, including Acer, HP, Fujitsu, and Lenovo. Despite a security patch was released, several devices are still vulnerable. ” reads the report.

Firmware

Firmware Manufacturing Malware Authentication

ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

Security Affairs

JANUARY 17, 2025

Over the years, experts observed several attacks employing rootkits that were specifically developed to target the firmware to achieve persistence and bypassing security solutions. The Secure Boot mechanism allows the execution of only software that is trusted by the Original Equipment Manufacturer (OEM).

Firmware

Firmware Technology Software Manufacturing

A ransomware attack pushed the German napkin firm Fasana into insolvency

Security Affairs

JUNE 20, 2025

. “A cyberattack has potentially serious consequences for the approximately 240 employees of the Euskirchen-based company Fasana : The attack caused so much damage to the paper napkin manufacturer that it has now filed for insolvency.” ” states the insolvency administrator Maike Krebber.

Ransomware

Ransomware Encryption Manufacturing Hacking

A cyberattack halted operations at Varta production plants

Security Affairs

FEBRUARY 15, 2024

On February 12, 2023, a cyber attack halted operations at five production plants of German battery manufacturer Varta. On February 13, German battery manufacturer Varta announced that a cyber attack forced the company to shut down IT systems. The attack disrupted operations at five production plants and the administration.

Manufacturing

Manufacturing Cyber Attacks Ransomware Internet

Volvo Cars suffers a data breach. Is it a ransomware attack?

Security Affairs

DECEMBER 10, 2021

Swedish automotive manufacturer Volvo Cars revealed that has suffered a cyberattack that resulted in the theft of R&D data. Swedish automotive manufacturer Volvo Cars revealed that threat actors have stolen R&D data from its systems. Snatch ransomware operators already leaked 35.9 Pierluigi Paganini.

Data breaches

Data breaches Ransomware Manufacturing Hacking

TIDRONE APT targets drone manufacturers in Taiwan

Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps

Trending Sources

Undocumented hidden feature found in Espressif ESP32 microchip

PTZOptics cameras zero-days actively exploited in the wild

Experts found rogue devices, including hidden cellular radios, in Chinese-made power inverters used worldwide

Airplane manufacturer Bombardier has disclosed a security breach, data leaked online

Power semiconductor component manufacturer Semikron suffered a ransomware attack

Sierra Wireless halted production at its manufacturing sites due to ransomware attack

WEF Outlines Path to Cyber Resilience for Manufacturing Sector

Alphv group claims the hack of Clarion, a global manufacturer of audio and video equipment for cars

Threat actor claims to have hacked European manufacturer of missiles MBDA

BlackByte ransomware group hit Asahi Group Holdings, a precision metal manufacturing and metal solution provider

Sarcoma ransomware gang claims the theft of sensitive data from PCB maker Unimicron

QNAP fixed second zero-day demonstrated at Pwn2Own Ireland 2024

A cyber attack forced the wind turbine manufacturer Nordex Group to shut down some of IT systems

U.S. CISA adds PTZOptics camera bugs to its Known Exploited Vulnerabilities catalog

BadBox 2.0 botnet infects millions of IoT devices worldwide, FBI warns

XE Group shifts from credit card skimming to exploiting zero-days

Rhysida Ransomware gang claims the hack of the Government of Peru

LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

Texas oilfield supplier Newpark Resources suffered a ransomware attack

Cleaning Products manufacturer Clorox Company took some systems offline after a cyberattack

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

SHARED INTEL: From airbags to malware: vehicle cyber safety arises in the age of connected cars

A new Mirai botnet variant targets DigiEver DS-2105 Pro DVRs

Ransomware attack hit Indian multinational Tata Technologies

Mazda Connect flaws allow to hack some Mazda vehicles

NCSC: New UK law bans default passwords on smart devices

Cloak ransomware group hacked the Virginia Attorney General’s Office

Cartier disclosed a data breach following a cyber attack

Hive0117 group targets Russian firms with new variant of DarkWatchman malware

North Korea-linked APT37 exploited IE zero-day in a recent attack

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

North Korea-linked APT Kimsuky targeted German defense firm Diehl Defence

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users

Japanese tech firm Oomiya hit by LockBit 3.0. Multiple supply chains potentially impacted

A cyberattack disrupted operations of US chipmaker Microchip Technology

BootKitty Linux UEFI bootkit spotted exploiting LogoFAIL flaws

ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

A ransomware attack pushed the German napkin firm Fasana into insolvency

A cyberattack halted operations at Varta production plants

Volvo Cars suffers a data breach. Is it a ransomware attack?

Stay Connected