SecureWorld News

JANUARY 8, 2025

Cyber Trust Mark, a voluntary cybersecurity labeling program designed to help consumers make informed decisions about the security of their internet-connected devices. While voluntary, Consumer Reports hopes that manufacturers will apply for this mark, and that consumers will look for it when it becomes available."

IoT

Security Affairs

DECEMBER 26, 2024

“Using a Mirai malware variant that incorporates ChaCha20 and XOR decryption algorithms, it has been seen compromising vulnerable Internet of Things (IoT) devices in the wild, such as the DigiEver DVR, and TP-Link devices through CVE-2023-1389.” .” reads the analysis published by Akamai. ” concludes the report.

Manufacturing

SecureWorld News

DECEMBER 8, 2024

Attackers are intercepting and storing encrypted internet traffic in anticipation of future quantum decryptiona practice known as "store now, decrypt later." This approach poses a significant threat, as sensitive information transmitted today could be decrypted in the future.

Encryption

Hacker's King

DECEMBER 24, 2024

Growth of IoT Security Solutions With billions of Internet of Things (IoT) devices connecting to networks worldwide, IoT security will be a top priority. Expect an increase in regulations requiring manufacturers to implement stronger security features in devices, alongside enhanced monitoring of IoT networks.

Cybersecurity

Security Affairs

APRIL 5, 2025

Source NewsBytes The Port of Seattle first reported experiencing an internet and web systems outage. The ransomware gang hit organizations in multiple industries, including education, healthcare, manufacturing, information technology, and government sectors. The attack impacted websites and phone systems.

Data breaches

SecureWorld News

JULY 17, 2025

Fortinet warns that nation-state and ransomware actors remain highly active, with manufacturing once again the most targeted sector. Securing remote access remains one of the top priorities for many organizations especially in high-risk OT and ICS environments, which need to be kept well away from the public internet.

CISO

eSecurity Planet

APRIL 3, 2025

millionwill go toward creating an EU Cybersecurity Reserve, a rapid-response force to tackle cyberattacks targeting hospitals, energy grids, and undersea internet cables. Cybersecurity gets a major boost A big chunk of the funding45.6 Another significant effort is developing a Cyber Resilience Act single reporting platform.

Cybersecurity

SecureList

DECEMBER 9, 2024

was used by tens of millions of websites approximately 4% of all sites on the internet which highlights the severity of the incident, whose full impact is yet to be determined. A potentially more impactful threat lies in the satellite internet access supply chain. Why does it matter? According to Cloudflare, Polyfill.io

Internet

SecureWorld News

JUNE 30, 2025

The latest Europol "Internet Organised Crime Threat Assessment" reaffirms that cybercriminals now operate like sophisticated businesses, now with AI assistance and organized online communities. Compare this to a 200-person manufacturing company's entire IT budget. Attackers specifically target manufacturing.

Manufacturing

SecureWorld News

MAY 14, 2025

The FBI's Internet Crime Complaint Center (IC3) has released its 2024 Internet Crime Report, marking a record-breaking year in cybercrime. Other critical sectors, including manufacturing and government facilities, also faced significant threats. The report highlights a staggering $16.6

Cybercrime

Security Affairs

JULY 18, 2025

They dropped hidden payloads or used internet protocol (IP) scanning tools, such as Angry IP Scanner, to search for vulnerable Remote Desktop Protocol (RDP) ports or by leveraging RDP on Microsoft Windows environments. The experts observed a massive spike in activity associated with this threat actor between May and June 2023.

Ransomware

Zero Day

JULY 12, 2025

  Why you shouldn't plug everything into an extension cord Extension cords are manufactured with a maximum capacity to handle electrical current, which is determined by the size or gauge of the wire used in the cord.

Computers and Electronics

SecureWorld News

NOVEMBER 18, 2024

OT/ICS environments are often critical components of all organizations, not just manufacturing and critical infrastructure. Water is no exception." Neglecting security measures for ICS can indeed pose a significant threat. "OT/ICS

Cybersecurity

Malwarebytes

JUNE 24, 2025

If you have internet-connected cameras in or around your home, be sure to check their settings. Researchers just discovered 40,000 of them serving up images of homes and businesses to the internet. These are often completely exposed to the internet, according to the report. Botnets made of up connected devices are common.

Internet

Security Affairs

MARCH 13, 2025

As of February 2025, Medusa developers and affiliates have impacted over 300 victims from a variety of critical infrastructure sectors with affected industries including medical, education, legal, insurance, technology, and manufacturing.” ” reads the joint advisory.

Ransomware

SecureList

APRIL 23, 2025

The campaign, dubbed “Operation SyncHole”, has impacted at least six organizations in South Korea’s software, IT, financial, semiconductor manufacturing, and telecommunications industries, and we are confident that many more companies have actually been compromised. The software has since been updated with patched versions.

Malware

Security Boulevard

MARCH 21, 2025

NCSC) FBI Warns of Increasing Threat of Cyber Criminals Utilizing Artificial Intelligence (FBI) 4 - Groups call for IoT end-of-life disclosure law Manufacturers of internet-of-things (IoT) devices should be required by law to disclose the products theyre no longer supporting, so that customers are aware of the security risks those products pose.

Risk

Security Affairs

MAY 28, 2025

PumaBot skips broad internet scans and instead pulls a list of targets from its C2 server to brute-force SSH logins. “Notably, the malware checks for the presence of the string Pumatronix, a manufacturer of surveillance and traffic camera systems, suggesting potential IoT targeting or an effort to evade specific devices.”

Surveillance

SecureWorld News

APRIL 23, 2025

Manufacturing: IP theft and ransomware are top risks; OT/ICS systems still lag in basic controls. Organizations must leverage a risk-based approach and prioritize vulnerability scanning and patching for internet-facing systems. Healthcare: Insider threats and error-related breaches dominate.

CISO

IT Security Guru

MARCH 26, 2025

Until the last ten years or so, we would largely categorise robots as reactive with mostly industrial applications in areas like manufacturing or warehousing. The pace of AI maturity as it enters its eighth decade has led industry experts to name this the intelligent era and I wholeheartedly agree.

Cybersecurity

SecureWorld News

AUGUST 14, 2025

Operational Technology (OT) is the beating heart of critical infrastructure—power grids, manufacturing plants, oil refineries, and water systems. At the most basic, organizations are connecting their OT networks for the first time, eliminating the so-called air-gap from the internet.

Risk

Zero Day

JULY 3, 2025

How to check - and what you can do According to a detailed technical analysis by Rapid7, Brother uses a password generation algorithm during manufacturing that is easily reversible. That means Brother's only remedy is to update its manufacturing line so that new printers ship with non-predictable default passwords.

Password Management

Digital Shadows

MARCH 17, 2025

The ransomware targets unpatched internet-facing servers, impacting systems across 70+ countries in sectors like critical infrastructure, health care, governments, education, technology, manufacturing, and small- to medium-sized businesses.

VPN

Security Boulevard

MAY 2, 2025

Segment networks and block outbound connections from internet-facing servers to prevent lateral movement and privilege escalation. It is important that customers increasingly demand manufacturers embrace and provide products and services that are secure-by-design and secure-by-default, reads the guide.

Cybersecurity

SecureList

NOVEMBER 28, 2024

Most of the infections were still at financial institutions in Vietnam, with one victim active in the manufacturing industry. For example, new persistence mechanisms were detected and we found that the loading mechanism of the final payload, the P8 beacon, also changed. In terms of victimology, there was little change.

Malware

SecureList

MAY 28, 2025

This included the contact list, the list of installed applications, and various device identifiers, such as the manufacturer, model, and fingerprint. Upon startup, the malware would collect key information from the infected device.

Banking

Zero Day

JUNE 26, 2025

The exact steps may vary slightly by manufacturer, but the general process remains the same. If you're an Apple user, here's  how to clear the cache on an iPhone. How to clear cached data from Android apps What you'll need: Any Android device.

Password Management

Malwarebytes

JANUARY 8, 2025

The White House announced the launch of the US Cyber Trust Mark which aims to help buyers make an informed choice about the purchase of wireless internet-connected devices, such as baby monitors, doorbells, thermostats, and more.

Computers and Electronics

Schneier on Security

FEBRUARY 26, 2025

Apple, already dependent on China for both sales and manufacturing, won’t be able to refuse. The UK government, like the Australians and the FBI in years past, argues that this type of access is necessary for law enforcement—that it is “ going dark ” and that the internet is a lawless place.

Computers and Electronics

SecureList

MARCH 13, 2025

Localtonet is a reverse proxy server providing internet access to local services. An example download link is: hxxp://45[.]156[.]21[.]148:8443/winuac.exe 148:8443/winuac.exe Besides cloudflared and Gost, the attackers used cloud tunnels like ngrok and Localtonet. hxxp://localtonet[.]com/nssm-2.24.zip com/nssm-2.24.zip zip hxxp://localtonet[.]com/download/localtonet-win-64.zip

Energy and Utilities

Security Affairs

FEBRUARY 20, 2025

Using internet scanning data, Insikt Group identified more than 12,000 Cisco network devices with their web UIs exposed to the internet. Much of this pivoting included the use of network equipment from a variety of different manufacturers.” and Italy, a U.K.-affiliated affiliated U.S. reads the report published by Insikt.

Telecommunications

SecureList

DECEMBER 23, 2024

Sample VBShower Launcher content VBShower::Cleaner This script is designed to clear the contents of all files inside the LocalMicrosoftWindowsTemporary Internet FilesContent.Word folder by opening each in write mode. log:AppCache028732611605321388.dat, dat, before using the Execute() function to pass control to that file.

Encryption

The Last Watchdog

NOVEMBER 10, 2024

The Internet of Things is growing apace. It requires technical innovation to mesh with supporting security standards and emerging government regulations much quicker and smoother than has ever happened in the Internet era. Related: The Top 12 IoT protocols Deployment of 5G and AI-enhanced IoT systems is accelerating.

IoT

SecureList

JULY 25, 2025

Entities across multiple sectors were affected: government, finance, manufacturing, forestry, and agriculture. SharePoint requires Internet Information Services (IIS) to be configured in integrated mode. This is where the first Microsoft SharePoint Server Spoofing Vulnerability CVE-2025-49706 comes into play.

Authentication

Malwarebytes

FEBRUARY 26, 2025

If the uninstall option is grayed out, you may only be able to disable it Manage Permissions : If you choose not to uninstall the service, you can also check and try to revoke any SafetyCore permissions, especially internet access Note: depending on the software version and manufacturer of your device, these instructions may be slightly off.

Artificial Intelligence

Centraleyes

JUNE 23, 2025

Real-World Applications of Zero Trust in 2025 Surespan, a UK-based manufacturer involved in major infrastructure projects, implemented Zero Trust to address security challenges as its global operations expanded. It’s a shift in how users experience the network, and you’ll need to sell this change.

Encryption

Digital Shadows

NOVEMBER 26, 2024

The US, manufacturing sector, and professional, scientific, and technical services (PSTS) sector are primary targets amidst an overall increase in ransomware attacks. Moreover, RDP ports are often exposed to the internet, which allows threat actors to easily scan for open ports and launch brute-force attacks.

Cyber Attacks