Firmware, Manufacturing and Ransomware - Cyber Security Informer

PTZOptics cameras zero-days actively exploited in the wild

Security Affairs

NOVEMBER 2, 2024

GreyNoise worked with VulnCheck to disclose the two vulnerabilities responsibly. “The vulnerabilities impact NDI-enabled pan-tilt-zoom (PTZ) cameras from multiple manufacturers. Affected devices use VHD PTZ camera firmware < 6.3.40 “Organizations using VHD PTZ camera firmware < 6.3.40

Firmware

Firmware Manufacturing IoT Healthcare

Mazda Connect flaws allow to hack some Mazda vehicles

Security Affairs

NOVEMBER 9, 2024

” The research targeted a CMU unit manufactured by Visteon, with software initially developed by Johnson Controls Inc. As of the publication, no publicly known vulnerabilities have been identified in the latest firmware version. x) may also be vulnerable. ” concludes the report.

Hacking

Hacking Firmware Software Manufacturing

Medusa Ransomware Warning: CISA and FBI Issue Urgent Advisory

eSecurity Planet

MARCH 17, 2025

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC), has released a joint cybersecurity advisory warning organizations about the escalating threat posed by the Medusa ransomware.

Ransomware

Ransomware Backups Firmware Insurance

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

Security Affairs

FEBRUARY 18, 2020

Peripheral devices with unsigned firmware can expose Windows and Linux machines to hack, warn experts from firmware security firm Eclypsium. An attacker could exploit the lack of checks to execute malicious firmware and perform malicious actions on both Windows and Linux systems, such as the installation of persistent backdoors.

Firmware

Firmware Hacking Authentication Advertising

Ranzy Locker ransomware hit tens of US companies in 2021

Security Affairs

OCTOBER 26, 2021

The FBI published a flash alert to warn of the activity of the Ranzy Locker ransomware that had already compromised tens of US companies. The FBI published a flash alert to warn of Ranzy Locker ransomware operations that had already compromised at least 30 US companies this year. SecurityAffairs – hacking, Ranzy Locker ransomware).

Ransomware

Ransomware Firmware Antivirus Accountability

New BMC Supply Chain Vulnerabilities Affect Servers from Dozens of Manufacturers

The Hacker News

DECEMBER 5, 2022

The impact of exploiting these vulnerabilities include remote control of compromised servers, remote deployment of malware, ransomware and firmware implants, and server physical damage (bricking),"

Manufacturing

Manufacturing Firmware Ransomware Malware

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

Security Affairs

AUGUST 10, 2021

A new variant of the eCh0raix ransomware is able to target Network-Attached Storage (NAS) devices from both QNAP and Synology vendors. A newly variant of the eCh0raix ransomware is able to infect Network-Attached Storage (NAS) devices from Taiwanese vendors QNAP and Synology. ” reads the report published by Palo Alto Researchers.

Ransomware

Ransomware Encryption Firmware Passwords

A new wave of Qlocker ransomware attacks targets QNAP NAS devices

Security Affairs

JANUARY 16, 2022

QNAP NAS devices are under attack, experts warn of a new Qlocker ransomware campaign that hit devices worldwide. A new wave of Qlocker ransomware it targeting QNAP NAS devices worldwide, the new campaign started on January 6 and it drops ransom notes named !!!READ_ME.txt Up to date apps and firmware seem not to help either.”

Ransomware

Ransomware Encryption Backups Firmware

FBI published a flash alert on Mamba Ransomware attacks

Security Affairs

MARCH 26, 2021

The Federal Bureau of Investigation (FBI) issued an alert to warn that the Mamba ransomware is abusing the DiskCryptor open source tool to encrypt entire drives. Mamba ransomware is one of the first malware that encrypted hard drives rather than files that was detected in public attacks. ” reads the alert published by the FBI.

Ransomware

Ransomware Encryption Passwords Malware

FBI warns of ransomware threat to food and agriculture

Malwarebytes

SEPTEMBER 3, 2021

The FBI has issued a Private Industry Notification (PIN) about cybercriminal actors targeting the food and agriculture sector with ransomware attacks. Ransomware attacks targeting the food and agriculture sector disrupt operations, cause financial loss, and negatively impact the food supply chain. ” Internet of Things.

Ransomware

Ransomware Manufacturing Passwords Internet

Ransomware attack on MSI led to compromised Intel Boot Guard private keys

Malwarebytes

MAY 8, 2023

While the statement does not reveal a lot of tangible information, this snippet is important: “MSI urges users to obtain firmware/BIOS updates only from its official website, and not to use files from sources other than the official website.” Money Message is a new ransomware which targets both Windows and Linux systems.

Firmware

Firmware Ransomware Backups Malware

Hackers infect Linux servers with JungleSec Ransomware via IPMI Remote console

Security Affairs

DECEMBER 27, 2018

Since November, a new ransomware called JungleSec has been infecting servers through unsecured IPMI (Intelligent Platform Management Interface) cards. Security experts at BleepingComputer wrote about a new ransomware called JungleSec that is infecting victims through unsecured IPMI (Intelligent Platform Management Interface) cards.

Ransomware

Ransomware Passwords Advertising Firmware

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

The Federal Bureau of Investigation (FBI) reported that AvosLocker ransomware is being used in attacks targeting US critical infrastructure. The Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory warning of AvosLocker ransomware attacks targeting multiple US critical infrastructure. Pierluigi Paganini.

Ransomware

Ransomware DDOS Passwords Backups

Ransomware gang attacks MSI and demands $4m for decryption

CyberSecurity Insiders

APRIL 9, 2023

A new ransomware gang is on the prowl in the wild and has claimed its first major victim by launching a cyber attack and demanding $4m as ransom. The post Ransomware gang attacks MSI and demands $4m for decryption appeared first on Cybersecurity Insiders.

Ransomware

Ransomware Firmware Manufacturing Cyber Attacks

Ransomware and Cyber Extortion in Q4 2024

Digital Shadows

JANUARY 14, 2025

Key Findings The last quarter of 2024 proved to be a pivotal period for ransomware activity, marked by emerging threats and unexpected shifts among established groups. Ransomware Activity Hits All-Time High in December Ransomware attacks have been climbing steadily over the past few years, despite some temporary dips along the way.

Ransomware

Ransomware Social Engineering Phishing VPN

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

FBI warns ransomware gangs are actively targeting organizations in the food and agriculture sector. Small farms, large producers, processors and manufacturers, and markets and restaurants are particularly exposed to ransomware attacks. ” reads the FBI’s PIN.

Ransomware

Ransomware Passwords Backups Firmware

MSI confirms security breach after Money Message ransomware attack

Security Affairs

APRIL 7, 2023

Multinational IT corporation MSI (Micro-Star International) confirms security breach after Money Message ransomware gang claimed the hack. This week the ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International). MSI is headquartered in Taipei, Taiwan.

Ransomware

Ransomware Firmware Hacking Manufacturing

TrickBoot feature allows TrickBot bot to run UEFI attacks

Security Affairs

DECEMBER 3, 2020

The infamous TrickBot gets a new improvement, authors added a new feature dubbed “ TrickBoot ” designed to exploit well-known vulnerabilities in the UEFI/BIOS firmware and inject malicious code, such as bootkits. TrickBot, one of the most active botnets, in the world, gets a new improvement by adding a UEFI/BIOS Bootkit Feature.

Firmware

Firmware Malware Hacking Manufacturing

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

Security Affairs

AUGUST 13, 2022

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI are warning of Zeppelin ransomware attacks. The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have published a joint advisory to warn of Zeppelin ransomware attacks. The ransomware can be deployed as a

Ransomware

Ransomware Encryption Firmware Backups

CISA and FBI issue alert about Zeppelin ransomware

Malwarebytes

AUGUST 16, 2022

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have released a joint Cybersecurity Advisory (CSA) about Zeppelin ransomware. Zeppelin, aka Buran, is a ransomware-as-a-service (RaaS) written in Delphi and built upon the foundation of VegaLocker. Mitigation.

Ransomware

Ransomware Backups Passwords Authentication

FBI warns food and agriculture to brace for seasonal ransomware attacks

Malwarebytes

APRIL 28, 2022

The Federal Bureau of Investigation (FBI) recently released a Private Industry Notification warning agriculture cooperatives (also known as “farmers’ co-ops”) of the looming danger of well-timed ransomware attacks. After-effects of ransomware attacks against the FA sector. And corn is a commodity. It fluctuates daily.

Ransomware

Ransomware Technology Firmware Internet

A bug in ABB Totalflow flow computers exposed oil and gas companies to attack

Security Affairs

NOVEMBER 10, 2022

Flow computers are used to calculate volume and flow rates for oil and gas that are critical to electric power manufacturing and distribution. The industrial automation giant ABB addressed the flaw with the release of firmware updates on July 14, 2022. The critical systems are widely used by oil and gas organizations worldwide.

Firmware

Firmware Passwords Authentication Manufacturing

PwnedPiper flaws in PTS systems affect 80% of major US hospitals

Security Affairs

AUGUST 2, 2021

The flaw affects the Translogic PTS system manufactured by Swisslog Healthcare, which is installed in about 80% of all major hospitals in North America and thousands of hospitals worldwide. An attacker could also push an insecure firmware upgrade to fully compromise the devices. Swisslog has released Nexus Control Panel version 7.2.5.7

Healthcare

Healthcare Firmware Manufacturing Ransomware

The High-Stakes Game of Ensuring IoMT Device Security

SecureWorld News

FEBRUARY 17, 2024

A 2021 Cynerio report revealed a staggering 123% increase in ransomware attacks on healthcare facilities, resulting in more than 500 incidents and costs exceeding $21 billion. In response, manufacturers are intensifying their cybersecurity efforts, incorporating advanced CI/CD workflows to safeguard medical devices from escalating attacks.

Healthcare

Healthcare Manufacturing Internet Internet

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

Security Affairs

AUGUST 20, 2021

Microsoft researchers reported that the Mozi botnet was improved by implementing news capabilities to target network gateways manufactured by Netgear, Huawei, and ZTE. Organizations using Netgear, Huawei, and ZTE network devices are recommended to keep their firmware up to date and use strong passwords. Pierluigi Paganini.

IoT

IoT DNS Manufacturing Firmware

637 flaws in industrial control system (ICS) products were published in H1 2021

Security Affairs

AUGUST 20, 2021

This reinforces the need for phishing and spam prevention, as well as awareness techniques that would help stem the tide of ransomware and other potentially devastating attacks.” Of the vulnerabilities with no, or partial, remediation, 61.96% were found in firmware. ” continues the report.

Firmware

Firmware Ransomware Manufacturing Software

Security Affairs newsletter Round 357 by Pierluigi Paganini

Security Affairs

MARCH 13, 2022

Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here.

Data breaches

Data breaches Firmware Hacking Ransomware

Security Affairs newsletter Round 489 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

SEPTEMBER 14, 2024

CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M

Data breaches

Data breaches Computers and Electronics Spyware Cybercrime

Alert: 'Imminent and Increasing Threat' as Wave of Ryuk Ransomware Hits Hospitals

SecureWorld News

OCTOBER 29, 2020

With COVID-19 cases surging and hospitalizations increasing, the operators of the Ryuk ransomware smell opportunity. Security researchers say the Ryuk gang is unleashing an unprecedented wave of ransomware attacks against U.S. If Ryuk ransomware knocks a hospital's network offline, would it pay a ransom? October 29, 2020.

Ransomware

Ransomware Healthcare Backups Cybercrime

Ransomware’s Number 1 Target? Your Kid’s School

SecureWorld News

DECEMBER 18, 2020

Now an unusually large number of students and teachers must add another difficulty to the list: a ransomware attack. K-12 schools ransomware attacks at record pace. And the MS-ISAC says K-12 school districts are now the most likely to suffer from and report a successful ransomware attack. Now, let's look at some specifics.

Ransomware

Ransomware Education Backups Malware

Money Message gang leaked private code signing keys from MSI data breach

Security Affairs

MAY 8, 2023

The ransomware gang behind the attack on Taiwanese PC maker MSI leaked the company’s private code signing keys on their darkweb leak site. In early April, the ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International). MSI is headquartered in Taipei, Taiwan.

Data breaches

Data breaches Ransomware Firmware Manufacturing

What Is Industrial Control System (ICS) Cyber Security?

eSecurity Planet

SEPTEMBER 9, 2024

Industrial control systems (ICS) are the backbone of critical infrastructure, powering essential operations in the energy, manufacturing, water treatment, and transportation sectors. These systems are integral to the smooth operation of industries such as manufacturing, power generation, oil and gas, water management, and more.

Firmware

Firmware Encryption Manufacturing Risk

QSnatch malware already infected thousands of QNAP NAS devices

Security Affairs

NOVEMBER 4, 2019

A new piece of malware dubbed QSnatch is infecting thousands of NAS devices manufactured by the Taiwanese vendor QNAP. “The original infection method remains unknown, but during that phase malicious code is injected to the firmware of the target system, and the code is then run as part of normal operations within the device.

Malware

Malware Firmware Advertising Ransomware

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Security Affairs

SEPTEMBER 15, 2020

Department of Justice indictment, MSS-affiliated actors have targeted various industries across the United States and other countries—including high-tech manufacturing; medical device, civil, and industrial engineering; business, educational, and gaming software; solar energy; pharmaceuticals; and defense—in a campaign that lasted over ten years.[

Government

Government VPN Firmware Energy and Utilities

Mobile malware evolution 2020

SecureList

MARCH 1, 2021

In 2020, Kaspersky mobile products and technologies detected: 5,683,694 malicious installation packages, 156,710 new mobile banking Trojans, 20,708 new mobile ransomware Trojans. The manufacturer of the mobile device preloads an adware application or a component with the firmware. Mobile ransomware Trojans. Statistics.

Mobile

Mobile Malware Adware Banking

ICS and OT threat predictions for 2024

SecureList

JANUARY 31, 2024

Ransomware Ransomware will remain the No. In 2023, ransomware attacks consolidated their hold on the top of the ranking of information security threats to industrial enterprises. The ransomware market is heading for a peak, which may be followed by a decline or stagnation. 1 scourge of industrial enterprises in 2024.

Ransomware

Ransomware Energy and Utilities Marketing Backups

Overview of IoT threats in 2023

SecureList

SEPTEMBER 21, 2023

As if that were not enough, many IoT devices have unalterable main passwords set by manufacturers. Ransomware Unlike DDoS malicious programs, ransomware largely targets IoT devices that contain user data: NAS boxes. DeadBolt, which affected thousands of QNAP NAS devices in 2022, is a prominent example of IoT ransomware.

IoT

IoT DDOS Passwords Malware

Five Cybersecurity Trends that Will Affect Organizations in 2023

CyberSecurity Insiders

DECEMBER 6, 2022

This analysis from Dirk Schrader, Vice President of Security Research, and Michael Paye, Vice President of Research and Development, is based on Netwrix’s global experience across a wide range of verticals, including technology, finance, manufacturing, government and healthcare. Understaffing will increase the role of channel partners.

Cybersecurity

Cybersecurity Cybercrime Social Engineering Risk

Cynerio raises $30 million to protect medical IoT

SC Magazine

MAY 24, 2021

According to the company, every device is both tracked in real time and users are provided information on the make, model and manufacturer, operating system, firmware, serial number and MAC address, and even outline known vulnerabilities that affect it.

IoT

IoT Healthcare Manufacturing Firmware

Preparing for IT/OT convergence: Best practices

CyberSecurity Insiders

SEPTEMBER 21, 2021

For example, the recent ransomware that leverages IT/OT convergence including the manufacturing and energy industries has prompted CISA to issue guidance regarding ransomware impacting OT environments ( read the guidance and how Tenable can help). whether done through the network or locally. Conclusion.

Energy and Utilities

Energy and Utilities Threat Detection Manufacturing Technology

Weekly Vulnerability Recap – November 6, 2023 – Windows Drivers and Exchange Flaws

eSecurity Planet

NOVEMBER 6, 2023

Other major flaws appeared in the NGINX Ingress Controller for Kubernetes, Atlassian Confluence Data Center and Server, and Apache ActiveMQ — and the latter two have already been targeted in ransomware attacks. 3 to report that the vulnerability is being actively exploited, which Rapid7 said includes ransomware attacks.

Software

Software Education Ransomware Firmware

Why Healthcare IoT Requires Strong Machine Identity Management

Security Boulevard

MAY 30, 2022

Due to the nature of these devices, the lack of security is often the result of weak design by the device manufacturer. Another alert by CISA has warned about critical vulnerabilities in Siemens software that could potentially impact millions of medical devices from multiple manufacturers. How to secure healthcare IoT.

Healthcare

Healthcare IoT Manufacturing Risk

SiteLock’s Top Five Cybersecurity Predictions For 2020

SiteLock

AUGUST 27, 2021

It’s safe to say that the volume and magnitude of high-profile data breaches and ransomware attacks that punctuated 2019 really kept the cybersecurity industry on its toes. In fact, New Orleans even declared a state of emergency due to the large number of public services that were directly impacted by this ransomware attack.

Cybersecurity

Cybersecurity Phishing Data breaches IoT

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

Fortunately, vendor surveys identify five key cybersecurity threats to watch for in 2024: compromised credentials, attacks on infrastructure, organized and advanced adversaries, ransomware, and uncontrolled devices. No specific tool exists to defend specifically against nation state attacks, ransomware gangs, or hacktivists.

Cybersecurity

Cybersecurity DDOS Penetration Testing Passwords

PTZOptics cameras zero-days actively exploited in the wild

Mazda Connect flaws allow to hack some Mazda vehicles

Webinars

Trending Sources

Medusa Ransomware Warning: CISA and FBI Issue Urgent Advisory

Webinars

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

Ranzy Locker ransomware hit tens of US companies in 2021

New BMC Supply Chain Vulnerabilities Affect Servers from Dozens of Manufacturers

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

A new wave of Qlocker ransomware attacks targets QNAP NAS devices

FBI published a flash alert on Mamba Ransomware attacks

FBI warns of ransomware threat to food and agriculture

Ransomware attack on MSI led to compromised Intel Boot Guard private keys

Hackers infect Linux servers with JungleSec Ransomware via IPMI Remote console

Avoslocker ransomware gang targets US critical infrastructure

Ransomware gang attacks MSI and demands $4m for decryption

Ransomware and Cyber Extortion in Q4 2024

FBI warns of ransomware attacks targeting the food and agriculture sector

MSI confirms security breach after Money Message ransomware attack

TrickBoot feature allows TrickBot bot to run UEFI attacks

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

CISA and FBI issue alert about Zeppelin ransomware

FBI warns food and agriculture to brace for seasonal ransomware attacks

A bug in ABB Totalflow flow computers exposed oil and gas companies to attack

PwnedPiper flaws in PTS systems affect 80% of major US hospitals

The High-Stakes Game of Ensuring IoMT Device Security

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

637 flaws in industrial control system (ICS) products were published in H1 2021

Security Affairs newsletter Round 357 by Pierluigi Paganini

Security Affairs newsletter Round 489 by Pierluigi Paganini – INTERNATIONAL EDITION

Alert: 'Imminent and Increasing Threat' as Wave of Ryuk Ransomware Hits Hospitals

Ransomware’s Number 1 Target? Your Kid’s School

Money Message gang leaked private code signing keys from MSI data breach

What Is Industrial Control System (ICS) Cyber Security?

QSnatch malware already infected thousands of QNAP NAS devices

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Mobile malware evolution 2020

ICS and OT threat predictions for 2024

Overview of IoT threats in 2023

Five Cybersecurity Trends that Will Affect Organizations in 2023

Cynerio raises $30 million to protect medical IoT

Preparing for IT/OT convergence: Best practices

Weekly Vulnerability Recap – November 6, 2023 – Windows Drivers and Exchange Flaws

Why Healthcare IoT Requires Strong Machine Identity Management

SiteLock’s Top Five Cybersecurity Predictions For 2020

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

Stay Connected