This site uses cookies to improve your experience. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country, we will assume you are from the United States. Select your Cookie Settings or view our Privacy Policy and Terms of Use.
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Used for the proper function of the website
Used for monitoring website traffic and interactions
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Strictly Necessary: Used for the proper function of the website
Performance/Analytics: Used for monitoring website traffic and interactions
Manufacturing systems, especially the ones that work with SCADA technology (Supervisory Control and Data Acquisition), IoT devices, and other critical technologies, depend heavily on efficient IT support to ensure that the downtime is minimal, and the performance is optimal.
The Notice delivered to Hyundai discusses covered data, which is defined as any information or data about a vehicle manufactured, sold, or leased by you, regardless of whether deidentified or anonymized. The car manufacturers involved in that complaint are Toyota, Lexus, Mazda, Chrysler, Dodge, Fiat, Jeep, Maserati, and Ram.
The other was hacked both by Pegasus and by the spyware from another cyberweapons arms manufacturer: Cytrox. Citizen Lab published another report on the spyware used against two Egyptian nationals. One was hacked by NSO Group’s Pegasus spyware. We haven’t heard a lot about Cytrox and its Predator spyware.
Forbes has the story : Paragon’s product will also likely get spyware critics and surveillance experts alike rubbernecking: It claims to give police the power to remotely break into encrypted instant messaging communications, whether that’s WhatsApp, Signal, Facebook Messenger or Gmail, the industry sources said.
. […] Of the thousands of infected devices, the majority of them are concentrated in Brazil, Poland, the United Kingdom, Bulgaria and Turkey; with the botnet targeting manufacturing, medical/healthcare, services and technology organizations in the United States, Australia, China and Mexico. Details.
Food and Drug Administration (FDA) takes a proactive stance with a detailed "Cybersecurity Risk Management Playbook" aimed at medical device manufacturers and their supply chain partners. A core theme of the playbook is the shared responsibility between device manufacturers and their supply chain partners.
FinFisher has shut down operations. This is the spyware company whose products were used, among other things, to spy on Turkish and Bahraini political opposition.
More information : Meanwhile, Graykey’s performance with Android phones varies, largely due to the diversity of devices and manufacturers. The documents do not appear to contain information about what Graykey can access from the public release of iOS 18.1, which was released on October 28.
The intent of the Future Made in Australia Act is to build manufacturing capabilities across all sectors, which will likely lead to more demand for IT skills and services.
Wired is reporting on a company called Mollitiam Industries: Marketing materials left exposed online by a third-party claim Mollitiam’s interception products, dubbed “Invisible Man” and “Night Crawler,” are capable of remotely accessing a target’s files, location, and covertly turning on a device’s camera and (..)
Doctor Web warns that the attackers gained access to the supply chain of a number of Chinese manufacturers of Android-based smartphones. A third of the models listed below are manufactured under the SHOWJI brand.“ The kits analyzed by the company are commercialized by many manufacturers including Huawei, Lenovo and Xiaomi.
Experts discovered an undocumented hidden feature in the ESP32 microchip manufactured by Espressif, which is used in over 1 billion devices. At the RootedCON , researchers at Tarlogic Innovation presented their findings on undocumented commands in the ESP32 microchip designed by the Chinese manufacturer Espressif.
GreyNoise worked with VulnCheck to disclose the two vulnerabilities responsibly. “The vulnerabilities impact NDI-enabled pan-tilt-zoom (PTZ) cameras from multiple manufacturers. VulnCheck alerted affected manufacturers to the flaws, only receiving a response from PTZOptics. ” reads the analysis published by GreyNoise.
New law journal article : Smart Device Manufacturer Liability and Redress for Third-Party Cyberattack Victims Abstract: Smart devices are used to facilitate cyberattacks against both their users and third parties.
The DOE said it assesses risks but faces challenges due to manufacturers’ poor disclosure. The DOE said it assesses risks, but faces challenges due to manufacturers’ poor disclosure. supply chains and integrate trusted equipment into the power grid as domestic manufacturing grows.
The China-based manufacturer says 1.5 BitSight found the device in use in 169 countries, with customers including governments, militaries, law enforcement agencies, and aerospace, shipping, and manufacturing companies. million of its tracking devices are deployed across 420,000 customers.
The Product Security and Telecommunications Infrastructure Act 2022 (PSTI) introduces new minimum-security standards for manufacturers, and demands that these companies are open with consumers about how long their products will receive security updates for. Unique passwords installed by default are still permitted.
The Israeli cyberweapons arms manufacturer — and human rights violator , and probably war criminal — NSO Group has been added to the US Department of Commerce’s trade blacklist. US companies and individuals cannot sell to them.
The activity, first detected by ReliaQuest in May 2025 targeting an unnamed customer in the manufacturing sector, is characterized by the use of fake login pages to access the employee payroll portal and redirect
Manufacturers like Nucor are increasingly targeted by cyberattacks that can disrupt operations and supply chains. As investigations continue, stakeholders across the manufacturing and cybersecurity industries will be closely monitoring developments to glean insights and reinforce their own defensive measures.
Citizen Lab is reporting on two zero-click iMessage exploits, in spyware sold by the cyberweapons arms manufacturer NSO Group to the Bahraini government. These are particularly scary exploits, since they don’t require to victim to do anything, like click on a link or open a file. More on this here.
Yet another article about cyber-weapons arms manufacturers and their particular supply chain. This one is about Windows and Adobe Reader zero-day exploits sold by an Austrian company named DSIRF. There’s an entire industry devoted to undermining all of our security. It needs to be stopped.
No information can be given to “overseas organizations or individuals” other than the product’s manufacturer. Under the new rules, anyone in China who finds a vulnerability must tell the government, which will decide what repairs to make.
EnamelPins, which manufactures and sells medals, pins, and other emblematic accessories, for months left open an Elasticsearch instance that exposed 300,000 customer emails, including 2,500 from military and government personnel. The company, based in California, also has links to China, Cybernews researchers wrote.
Taiwanese manufacturer QNAP patched the second zero-day vulnerability, tracked as CVE-2024-50387 , which was exploited by security researchers during the recent Pwn2Own Ireland 2024. reads the advisory published by the Taiwanese manufacturer. The vulnerability is a SQL injection (SQLi) issue that impacts the QNAP’s SMB Service.
Cellebrite is an cyberweapons arms manufacturer that sells smartphone forensic software to governments around the world. MSAB is a Swedish company that does the same thing. Someone has released software and documentation from both companies.
However, industries reliant on shared devices—such as healthcare, retail, and manufacturing—face unique challenges. Similarly, in retail and manufacturing, delays caused by authentication procedures reduce overall efficiency. These fast-paced environments need a more flexible approach to balance security, speed, and user privacy.
This is a dumb crypto mistake I had not previously encountered: A developer says it was possible to run their own software on the car infotainment hardware after discovering the vehicle’s manufacturer had secured its system using keys that were not only publicly known but had been lifted from programming examples. […].
The criminals targeted keyless vehicles from two French car manufacturers. As a result of a coordinated action carried out on 10 October in the three countries involved, 31 suspects were arrested. A total of 22 locations were searched, and over EUR 1 098 500 in criminal assets seized.
“Most of the infected devices were manufactured in China. The FBI published a Public Service Announcement (PSA) to warn that cybercriminals are using the BADBOX 2.0 botnet to exploit IoT devices on home networks, like streaming devices, projectors, and infotainment systems, mostly made in China. ” BADBOX 2.0
Auto manufacturers are just starting to realize the problems of supporting the software in older models: Today’s phones are able to receive updates six to eight years after their purchase date. For a company like Bosch that supplies automotive parts for many different manufacturers, the number would be more like 200.)
The vulnerabilities impact NDI-enabled pan-tilt-zoom (PTZ) cameras from multiple manufacturers. VulnCheck alerted affected manufacturers to the flaws, only receiving a response from PTZOptics. The manufacturer released firmware updates addressing these flaws.” Affected devices use VHD PTZ camera firmware < 6.3.40
The BSI (Germanys Cyber Agency) has released BSI TR-03183: Cyber Resilience Requirements for Manufacturers and Products, which aims to provide manufacturers with advance access to the type of requirements that will be imposed on them by the future Cyber Resilience Act (CRA) of the EU.
As an early building block, we developed NIST IR 8259, Foundational Cybersecurity Activities for IoT Device Manufacturers, which describes recommended activities related to cybersecurity for manufacturers
Safety First For Automated Driving " is a big, over-arching whitepaper from a dozen automotive manufacturers and suppliers. Lets explore the risks associated with Automated Driving. One way to read it is that those disciplines have strongly developed safety cultures, which generally do not consider cybersecurity problems.
Recent research from Forescout has revealed that roughly 35,000 solar power systems are exposed to the internet, with researchers discovering 46 new vulnerabilities across three major manufacturers that could potentially destabilize power grids. We know IoT can be insecure. That's where a simple threat model can go a long way!
Texas is suing General Motors for collecting driver data without consent and then selling it to insurance companies: From CNN : In car models from 2015 and later, the Detroit-based car manufacturer allegedly used technology to “collect, record, analyze, and transmit highly detailed driving data about each time a driver used their vehicle,” (..)
While voluntary, Consumer Reports hopes that manufacturers will apply for this mark, and that consumers will look for it when it becomes available." Manufacturers can voluntarily submit their products for testing to earn the Cyber Trust Mark. As the White House noted, the Cyber Trust Mark "connects companies, consumers, and the U.S.
. “XE Group transitioned from credit card skimming to targeted information theft, marking a significant shift in their operational priorities.Their attacks now target supply chains in the manufacturing and distribution sectors, leveraging new vulnerabilities and advanced tactics.” ” reads the analysis published by Intezer.
Some of the keys are from printers from two manufacturers, Canon and Fujifilm (originally branded as Fuji Xerox). There aren’t many weak keys out there, but there are some: So far, Böck has identified only a handful of keys in the wild that are vulnerable to the factorization attack.
As part of the EU’s digital transformation, recent regulations are encouraging manufacturers to issue CoCs in electronic form. A CoC is based on Regulation (EU) 2018/858 and it certifies that a vehicle meets EU type-approval standards (a set of regulatory, technical and safety requirements vehicle manufacturers must adhere to).
And in manufacturing plants, theyre increasingly found in industrial control systems and autonomous robotics. Meanwhile, regulations such as Californias IoT Security Law and the European Unions Cyber Resilience Act are pushing manufacturers to embed minimum security standards into their designs.
We organize all of the trending information in your field so you don't have to. Join 28,000+ users and stay up to date on the latest articles your peers are reading.
You know about us, now we want to get to know you!
Let's personalize your content
Let's get even more personalized
We recognize your account from another site in our network, please click 'Send Email' below to continue with verifying your account and setting a password.
Let's personalize your content