Security Affairs

APRIL 30, 2024

The UK National Cyber Security Centre (NCSC) orders smart device manufacturers to ban default passwords starting from April 29, 2024. National Cyber Security Centre (NCSC) is urging manufacturers of smart devices to comply with new legislation that bans default passwords. ” reads the announcement published by NCSC.

Passwords 138

Passwords Manufacturing Telecommunications Cyber Attacks 138

Schneier on Security

JULY 26, 2024

In a public GitHub repository committed in December of that year, someone working for multiple US-based device manufacturers published what’s known as a platform key, the cryptographic key that forms the root-of-trust anchor between the hardware device and the firmware that runs on it.

Firmware 338

Firmware Encryption Manufacturing Passwords 338

Adam Levin

MARCH 23, 2020

Secure Your Router: If you’re still using your router’s manufacturer default password, it’s past time for a change. Your password should be include letters, numbers and special characters in a combination you haven’t used on other accounts. Update Account Passwords: Don’t reuse passwords from other accounts.

Manufacturing 245

Manufacturing Passwords Phishing Firewall 245

Security Affairs

JULY 31, 2022

Threat actors that go online with the moniker Adrastea claim to have hacked the multinational manufacturer of missiles MBDA. ” As a proof of the hack Adrastea shared a link to a password-protected linked archive containing internal documents related to projects and correspondence. Pierluigi Paganini.

Manufacturing 135

Manufacturing Hacking Passwords Cybersecurity 135

Adam Levin

DECEMBER 30, 2020

In a public service announcement issued December 29, the FBI warned that “offenders have been using stolen e-mail passwords to access smart devices with cameras and voice capabilities and carry out swatting attacks.”. In some cases, the offender also live streams the incident on shared online community platforms,” explains the announcement.

IoT 300

IoT Hacking Internet Internet 300

The Hacker News

APRIL 29, 2024

National Cyber Security Centre (NCSC) is calling on manufacturers of smart devices to comply with new legislation that prohibits them from using default passwords, effective April 29, 2024.

Passwords 140

Passwords Telecommunications Manufacturing 140

Security Affairs

FEBRUARY 10, 2025

Active since at least 2013 , XE Group is a cybercriminal group focused on credit card skimming and password theft via supply chain attacks. ” reads the analysis published by Intezer. ”concludes the report that also provides Indicators of Compromise (IoCs).

Manufacturing 113

Manufacturing Cybercrime Hacking Authentication 113

The Last Watchdog

MAY 24, 2022

This is one giant leap towards getting rid of passwords entirely. Excising passwords as the security linchpin to digital services is long, long overdue. Password abuse at scale arose shortly after the decision got made in the 1990s to make shared secrets the basis for securing digital connections. Our brains just won’t do it.”.

Authentication 342

Authentication Passwords Banking Digital transformation 342

Security Affairs

NOVEMBER 5, 2024

The vulnerabilities impact NDI-enabled pan-tilt-zoom (PTZ) cameras from multiple manufacturers. is an inadequate authentication mechanisms that could allow an attacker to access sensitive information like usernames, MD5 password hashes, and configuration data. The manufacturer released firmware updates addressing these flaws.”

Firmware 128

Firmware Manufacturing Authentication IoT 128

SecureWorld News

MAY 29, 2024

The manufacturing sector faces an increasingly daunting cyber threat landscape that puts production operations, intellectual property, and entire supply chains at risk. Manufacturers must make cyber resilience a fully institutionalized part of their organizational identity." trillion annually. "

Manufacturing 109

Manufacturing CISO Cyber threats Risk 109

Adam Levin

MARCH 23, 2020

Update your camera’s firmware and software: Whether it’s an external camera or one built into your laptop or tablet, check for manufacturer updates and always keep your camera’s software and firmware fully up to date because patches are often released specifically to patch security vulnerabilities.

Firmware 219

Firmware Manufacturing Passwords Software 219

Adam Levin

MARCH 19, 2020

Ensure remote workers are more secure by following these five tips: Change the Default Password: Routers should have the manufacturer default password updated the moment it’s turned on and connected. Use a Strong and Unique Password: Discourage employees from reusing passwords that are linked to other accounts.

Wireless 199

Wireless Firmware Firewall Manufacturing 199

SecureWorld News

JANUARY 8, 2025

While voluntary, Consumer Reports hopes that manufacturers will apply for this mark, and that consumers will look for it when it becomes available." Manufacturers can voluntarily submit their products for testing to earn the Cyber Trust Mark. Manufacturers can voluntarily submit their products for testing to earn the Cyber Trust Mark.

IoT 117

IoT Manufacturing Government Cybersecurity 117

Security Affairs

JUNE 4, 2025

The affected information did not include any passwords, credit card details or other banking information.” Cartier designs, manufactures, distributes, and sells jewelry, watches, leather goods, and accessories. Due to the data involved, the company warns customers to stay alert for unsolicited or suspicious communications.

Data breaches 100

Data breaches Cyber Attacks Manufacturing Banking 100

Schneier on Security

FEBRUARY 12, 2021

ArsTechnica is reporting on the poor cybersecurity at the plant: The Florida water treatment facility whose computer system experienced a potentially hazardous computer breach last week used an unsupported version of Windows with no firewall and shared the same TeamViewer password among its employees, government officials have reported.

Firewall 324

Firewall Manufacturing Media Passwords 324

Troy Hunt

JUNE 30, 2022

Four and a half years ago now, I rolled out version 2 of HIBP's Pwned Passwords that implemented a really cool k-anonymity model courtesy of the brains at Cloudflare. Actually, the multiple problems, the first of which is that it's just way too fast for storing user passwords in an online system.

Passwords 355

Passwords Identity Theft Consumer Services Password Management 355

Schneier on Security

NOVEMBER 7, 2018

They could be discovered by anyone who finds or guesses the camera's IP address­ -- and if you haven't set a strong password, a hacker might find it easy to gain access. This is the sort of sustained pressure we need on IoT device manufacturers. Consumer Reports will evaluate those updates once they are available. Boing Boing link.

Wireless 246

Wireless IoT Manufacturing Encryption 246

Security Affairs

JANUARY 21, 2021

With a simple Google search, anyone could have found the password to one of the compromised, stolen email addresses: a gift to every opportunistic attacker.” The analysis of a subset of ~500 stolen credentials revealed that victims belong to a wide range of target industries, including IT, healthcare, real estate, and manufacturing.

Phishing 145

Phishing Passwords Healthcare Manufacturing 145

Malwarebytes

NOVEMBER 25, 2021

And because of our high propensity to forgo changing default passwords that came with the smart devices we buy, we’re essentially putting ourselves—our homes and our family’s data and privacy—at the forefront of online attacks without us knowing. but not vehicles, smart meters, smart medical devices, laptops, and desktop computers.

Passwords 135

Passwords Telecommunications Internet Internet 135

Krebs on Security

APRIL 26, 2019

A map showing the distribution of some 2 million iLinkP2P-enabled devices that are vulnerable to eavesdropping, password theft and possibly remote compromise, according to new research. The security flaws involve iLnkP2P , software developed by China-based Shenzhen Yunni Technology.

IoT 278

IoT Firewall Computers and Electronics Manufacturing 278

IT Security Guru

NOVEMBER 18, 2024

It’s interesting to note that many people will happily unlock their phone by just looking at it and have no problem tapping their bank card against a store’s point of sale terminal, but if the term password security is presented to them, they have a blank expression, or worse, shrink away. So, it’s undoubtedly already out there.

Passwords 101

Passwords Password Management Technology Authentication 101

Malwarebytes

AUGUST 10, 2021

The company does not believe the botnet is exploiting vulnerabilities in its software, it’s simply going after weak or default passwords using brute force guessing. In this case, if a password is guessed successfully, the device is infected with malware that will carry out additional attacks on other devices. StealthWorker.

Passwords 123

Passwords DDOS Malware Ransomware 123

Schneier on Security

NOVEMBER 13, 2018

Due to ever-evolving technological advances, manufacturers are connecting consumer goods­ -- from toys to lightbulbs to major appliances­ -- to the internet at breakneck speeds. There's just one specific in the law that's not subject to the attorney general's interpretation: Default passwords are not allowed. This law is not a panacea.

IoT 261

IoT Manufacturing Internet Internet 261

Security Affairs

JULY 1, 2023

The LockBit ransomware gang claims to have hacked Taiwan Semiconductor Manufacturing Company (TSMC). The LockBit ransomware group this week claimed to have hacked the Taiwan Semiconductor Manufacturing Company ( TSMC ) and $70 million ransom. In August 2018, a malware infected systems at several Taiwan Semiconductor Manufacturing Co.

Manufacturing 98

Manufacturing Ransomware Hacking Security Awareness 98

Security Affairs

MAY 1, 2025

The financially-motivated group targeted organizations in the media, tourism, finance, insurance, manufacturing, energy, telecommunications, biotechnology and retail sectors. The messages contained password-protected archives named similarly to Documents from 04/29/2025.rar.

Malware 88

Malware Phishing Telecommunications Antivirus 88

SecureWorld News

APRIL 23, 2025

The Secure by Design initiative: a brief overview Launched in April 2023, Secure by Design aimed to shift the responsibility for cybersecurity upstream by encouraging software manufacturers to integrate security measures during the design phase.

Manufacturing 93

Manufacturing Software Cybersecurity Authentication 93

Krebs on Security

JUNE 28, 2022

In a typical PPI network, clients will submit their malware—a spambot or password-stealing Trojan, for example —to the service, which in turn charges per thousand successful installations, with the price depending on the requested geographic location of the desired victims. AWM Proxy’s online storefront disappeared that same day.

Passwords 321

Passwords Malware Internet Internet 321

Krebs on Security

APRIL 8, 2019

KrebsOnSecurity broke the news that Facebook developers wrote apps which stored somewhere between 200 million and 600 million Facebook user passwords in plain text. These plaintext passwords were indexed by Facebook’s data centers and searchable for years by more than 20,000 Facebook employees.

Cybercrime 262

Cybercrime Passwords Accountability Identity Theft 262

SecureWorld News

JANUARY 23, 2025

Trusting manufacturers and the role of base networks Some professionals argue that once a base network is established, OT cybersecurity becomes less of a concern. They emphasize trust in equipment from reputable manufacturers. "I These developments reflect the growing maturity of the OT cybersecurity field.

Engineering 110

Engineering Cybersecurity Firewall Manufacturing 110

Security Affairs

DECEMBER 5, 2021

Researchers discovered a total of 226 potential security vulnerabilities in nine Wi-Fi popular routers from known manufacturers. Since the integration of a new kernel into the firmware is costly, no manufacturer was up to date here. The experts shared their findings with the manufacturers, most of the flaws have been already fixed.

Manufacturing 145

Manufacturing IoT Firmware VPN 145

Thales Cloud Protection & Licensing

MARCH 12, 2025

Breaking the Barriers to a Password-Free Life in Enterprise: Meet SafeNet eToken Fusion NFC PIV security key madhav Thu, 03/13/2025 - 06:46 As large organizations increasingly shift towards passwordless solutions, the benefits are clear: enhanced user experience, improved security, and significant cost savings.

Passwords 71

Passwords Authentication Digital transformation Government 71

Graham Cluley

MARCH 27, 2024

Hardware wallet manufacturer Trezor has explained how its Twitter account was compromised - despite it having sensible security precautions in place, such as strong passwords and multi-factor authentication. Read more in my article on the Hot for Security blog.

Accountability 138

Accountability Cryptocurrency Manufacturing Authentication 138

Schneier on Security

DECEMBER 17, 2019

Microsoft has watched the group carry out so-called password-spraying attacks over the past year that try just a few common passwords across user accounts at tens of thousands of organizations. They're going after these producers and manufacturers of control systems, but I don't think they're the end targets," says Moran.

Passwords 155

Passwords Manufacturing Accountability Hacking 155

The Hacker News

JANUARY 6, 2022

From the latest password requirements (NIST 800-63) to IoT security for manufacturers (NISTIR 8259), NIST is always the starting point. When I want to know the most recently published best practices in cyber security, I visit The National Institute of Standards and Technology (NIST).

IoT 145

IoT Manufacturing Cybersecurity Passwords 145

The Hacker News

DECEMBER 21, 2021

Multiple backdoors have been discovered during a penetration test in the firmware of a widely used voice over Internet Protocol (VoIP) appliance from Auerswald, a German telecommunications hardware manufacturer, that could be abused to gain full administrative access to the devices.

Penetration Testing 139

Penetration Testing Firmware Telecommunications Manufacturing 139

Security Affairs

DECEMBER 14, 2022

Some of the most popular brands don’t enforce a strong password policy, meaning anyone can peer into their owners’ lives. After looking at 28 of the most popular manufacturers, our research team found 3.5 What is more, the overwhelming majority of internet-facing cameras are manufactured by Chinese companies.

Surveillance 145

Surveillance Manufacturing Internet Internet 145

Security Affairs

AUGUST 22, 2023

Belcan is a government, defense, and aerospace contractor offering global design, software, manufacturing, supply chain, information technology, and digital engineering solutions. In this case, it could take attackers as long as 22 years to crack a very strong admin password.

Passwords 98

Passwords Penetration Testing Engineering Manufacturing 98