Information Security, Internet and Manufacturing

Compal, the Taiwanese giant laptop manufacturer hit by ransomware

Security Affairs

NOVEMBER 9, 2020

The Taiwanese electronics manufacture Compal suffered a ransomware attack over the weekend, media blames the DoppelPaymer ransomware gang. It is the second-largest contract laptop manufacturer in the world behind Quanta Computer. “According to the Internet PTT, 30% of the computers have been hit. . Pierluigi Paganini.

Manufacturing

Manufacturing Computers and Electronics Ransomware Media

IoT devices at major Manufacturers infected with crypto-miner

Security Affairs

FEBRUARY 8, 2020

Hackers have infected with a piece of malware some IoT devices running Windows 7 designed by three of the world’s largest manufacturers. Security experts from TrapX reported that some IoT devices running Windows 7 have been infected with a piece of malware, is it a supply chain attack? Pierluigi Paganini.

Manufacturing

Manufacturing IoT Malware Cryptocurrency

PTZOptics cameras zero-days actively exploited in the wild

Security Affairs

NOVEMBER 2, 2024

GreyNoise worked with VulnCheck to disclose the two vulnerabilities responsibly. “The vulnerabilities impact NDI-enabled pan-tilt-zoom (PTZ) cameras from multiple manufacturers. VulnCheck alerted affected manufacturers to the flaws, only receiving a response from PTZOptics. ” reads the analysis published by GreyNoise.

Firmware

Firmware Manufacturing IoT Healthcare

WEF Outlines Path to Cyber Resilience for Manufacturing Sector

SecureWorld News

MAY 29, 2024

The manufacturing sector faces an increasingly daunting cyber threat landscape that puts production operations, intellectual property, and entire supply chains at risk. Manufacturers must make cyber resilience a fully institutionalized part of their organizational identity." trillion annually. "

Manufacturing

Manufacturing CISO Artificial Intelligence Cyber threats

As Internet-Connected Medical Devices Multiply, So Do Challenges

Cisco Security

JUNE 15, 2022

To consumers, the Internet of Things might bring to mind a smart fridge that lets you know when to buy more eggs, or the ability to control your home’s lighting and temperature remotely through your phone. But for cybersecurity professionals, internet-connected medical devices are more likely to be top-of-mind. Additional Resources.

Internet

Internet Internet Manufacturing IoT

SHARED INTEL: From airbags to malware: vehicle cyber safety arises in the age of connected cars

The Last Watchdog

MAY 15, 2023

Funso Richard , Information Security Officer at Ensemble , highlighted the gravity of these threats. More recently, Sultan Qasim Khan, a principal security adviser with a UK-based security firm, tricked a Tesla into thinking the driver was inside by rerouting communication between the automaker’s mobile app and the car.

Malware

Malware Manufacturing IoT Software

A new Mirai botnet variant targets DigiEver DS-2105 Pro DVRs

Security Affairs

DECEMBER 26, 2024

“Using a Mirai malware variant that incorporates ChaCha20 and XOR decryption algorithms, it has been seen compromising vulnerable Internet of Things (IoT) devices in the wild, such as the DigiEver DVR, and TP-Link devices through CVE-2023-1389.” .” reads the analysis published by Akamai. ” concludes the report.

Manufacturing

Manufacturing Malware Firmware IoT

Access:7 flaws impact +150 device models from over 100 manufacturers

Security Affairs

MARCH 8, 2022

The platform allows remote access and management of connected devices to manufacturers through an agent is installed on devices. The impact of these flaws is widespread, experts determine that the issues impact more than 150 device models from over 100 manufacturers. Follow me on Twitter: @securityaffairs and Facebook.

Manufacturing

Manufacturing IoT Authentication Financial Services

VNC instances exposed to Internet pose critical infrastructures at risk

Security Affairs

AUGUST 15, 2022

Researchers from Cyber looked for VNC exposed over the internet and discovered over 8000 VNC instances with authentication disabled, most of them in China, Sweden, and the United States. Exposing VNCs to the internet, increases the likelihood of a cyberattack. connected via VNC and exposed over the internet. Pierluigi Paganini.

Internet

Internet Internet Risk Cybercrime

NCSC: New UK law bans default passwords on smart devices

Security Affairs

APRIL 30, 2024

The UK National Cyber Security Centre (NCSC) orders smart device manufacturers to ban default passwords starting from April 29, 2024. National Cyber Security Centre (NCSC) is urging manufacturers of smart devices to comply with new legislation that bans default passwords. ” reads the announcement published by NCSC.

Passwords

Passwords Manufacturing Telecommunications Cyber Attacks

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

The number of internet-facing cameras in the world is growing exponentially. Businesses and homeowners increasingly rely on internet protocol (IP) cameras for surveillance. New research by Cybernews shows an exponential rise in the uptake of internet-facing cameras. Surge in internet-facing cameras.

Surveillance

Surveillance Manufacturing Internet Internet

Story of the Year: global IT outages and supply chain attacks

SecureList

DECEMBER 9, 2024

was used by tens of millions of websites approximately 4% of all sites on the internet which highlights the severity of the incident, whose full impact is yet to be determined. However, delegating tasks also introduces new information security challenges. Why does it matter? According to Cloudflare, Polyfill.io

Internet

Internet Internet Risk Social Engineering

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Chaput said the spammers used more than 1,500 Internet addresses across 400 providers to register new accounts, which then followed popular accounts on Mastodon and sent private mentions to the followers of those accounts. that were created from different Internet addresses in Vienna, Austria.

Scams

Scams DDOS Cryptocurrency Accountability

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

Krebs on Security

APRIL 15, 2020

The Coronavirus has prompted thousands of information security professionals to volunteer their skills in upstart collaborative efforts aimed at frustrating cybercriminals who are seeking to exploit the crisis for financial gain. “I’ve never seen this volume of phishing,” Rogers told Reuters. .”

Cybersecurity

Cybersecurity Cyber threats Government Phishing

A cyberattack halted operations at Varta production plants

Security Affairs

FEBRUARY 15, 2024

On February 12, 2023, a cyber attack halted operations at five production plants of German battery manufacturer Varta. On February 13, German battery manufacturer Varta announced that a cyber attack forced the company to shut down IT systems. The attack disrupted operations at five production plants and the administration.

Manufacturing

Manufacturing Cyber Attacks Ransomware Internet

Vulnerabilities in Weapons Systems

Schneier on Security

JUNE 8, 2021

Transportation Command in 2017, after learning that their computerized logistical systems were mostly unclassified and on the internet. Military software is unlikely to be any more secure than commercial software. .” That was Bruce’s response at a conference hosted by U.S.

Software

Software Cybersecurity Backups Manufacturing

GUEST ESSAY: Recalibrating critical infrastructure security in the wake of evolving threats

The Last Watchdog

APRIL 30, 2024

in different industries, including energy, manufacturing, and healthcare. Unitronics systems are exposed to the Internet and a single intrusion caused a ripple effect felt across organizations in multiple states. About the essayist : Joseph Bell is Chief Information Security Officer at Everfox.

Penetration Testing

Penetration Testing CISO Unstructured Data Technology

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

Security Affairs

APRIL 16, 2024

Nexperia is a semiconductor manufacturer headquartered in Nijmegen, the Netherlands. In response to the incident, the company disconnected the affected systems from the internet to prevent the threat from spreading. The Nexperia launched an investigation into the security breach with the help of third-party cybersecurity experts.

Ransomware

Ransomware Manufacturing Hacking Insurance

FBI warns of ransomware threat to food and agriculture

Malwarebytes

SEPTEMBER 3, 2021

.” Internet of Things. Agriculture may not be the first industry you associate with cybersecurity problems, but we all need to aware of the risks created by connecting this ancient part of our food supply chain to the Internet. The state of IoT is poor enough as it is, security wise.

Ransomware

Ransomware Manufacturing Passwords Internet

Belgium telecom operators Proximus and Orange drop Huawei

Security Affairs

OCTOBER 10, 2020

Major Belgium’s telecom operator Proximus announced on Friday that it will gradually replace its equipment from the Chinese manufacturer Huawei. One of the major Belgium telecom operator Proximus announced on Friday that it will gradually replace its equipment from the Chinese manufacturer Huawei.

Mobile

Mobile Manufacturing Internet Internet

Usage of TLS in DDNS Services leads to Information Disclosure in Multiple Vendors

Security Affairs

MAY 24, 2024

In this advisory, I aim to explore how implementing a specific security technological combination (TLS and DDNS) negatively influences the overall security, inadvertently creating opportunities for attackers to exploit weaknesses on a massive scale. For instance, suppose firewall manufacturer ACME Inc.

DNS

DNS Manufacturing Firewall Internet

Experts found backdoors in a popular Auerswald VoIP appliance

Security Affairs

DECEMBER 27, 2021

Researchers found multiple backdoors in popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. Researchers from RedTeam Pentesting discovered multiple backdoors in a popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. 7}' 1432d89.

Firmware

Firmware Manufacturing Passwords Penetration Testing

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

The number of sensors and smart devices connected to the internet is exponentially rising, which are the 5 Major Vulnerabilities for IoT devices. A hacker managed to identify a weak spot in a security camera model. Unfortunately, at that moment, there were over 300,000 of those cameras connected to the internet.

IoT

IoT Cybersecurity Manufacturing Internet

Medusa ransomware hit over 300 critical infrastructure organizations until February 2025

Security Affairs

MARCH 13, 2025

As of February 2025, Medusa developers and affiliates have impacted over 300 victims from a variety of critical infrastructure sectors with affected industries including medical, education, legal, insurance, technology, and manufacturing.” The operators also attempt to disable security tools exploiting vulnerable or signed drivers.

Ransomware

Ransomware Encryption Cryptocurrency Insurance

US officials claim Huawei Equipment has secret backdoor for spying

Security Affairs

FEBRUARY 13, 2020

The United States continues to highlight the risks to national security in case of adoption of Huawei equipment and is inviting internet providers and telco operators in allied countries to ban Huawei. Chinese equipment is broadly adopted in many allied countries, including Germany, Italy, and Japan. ” reported the AP News.

Manufacturing

Manufacturing Advertising Surveillance Architecture

Unraveling the truth behind the DDoS attack from electric toothbrushes

Security Affairs

FEBRUARY 8, 2024

how are they connected to the Internet (hint: they aren't, they are… [link] — Robᵉʳᵗ Graham ? ErrataRob) February 7, 2024 Several experts explained that electric toothbrushes have no direct connections to the internet, they relies on Bluetooth to connect to mobile apps. what was the brand of toothbrushes?

DDOS

DDOS IoT Media Internet

FBI warns swatting attacks on owners of smart devices

Security Affairs

JANUARY 2, 2021

The FBI is working with private sector partners who manufacture smart devices to advise customers about the scheme and how to avoid being victimized. The FBI is also working to alert law enforcement first responders to this threat so they may respond accordingly.” Users should update their passwords on a regular basis.

Passwords

Passwords Surveillance Manufacturing Accountability

Swedish court suspended the ban on Huawei equipment

Security Affairs

NOVEMBER 12, 2020

Recently Belgian telecoms operators Orange Belgium and Proximus announced that it will gradually replace the equipment from the Chinese manufacturer Huawei. The Chinese giant was already excluded by several countries from building their 5G internet networks.

Wireless

Wireless Internet Internet Manufacturing

D-Link addressed three critical RCE in wireless router models

Security Affairs

SEPTEMBER 16, 2024

The manufacturer also addressed two high-severity vulnerabilities, tracked as CVE-2024-45696 and CVE-2024-45698. “When D-Link became aware of the reported security issues, we promptly started investigating and developing security patches. .” ” reads the advisory.

Wireless

Wireless Firmware Manufacturing Hacking

Vo1d malware infected 1.3 Million Android-based TV Boxes in 197 countries

Security Affairs

SEPTEMBER 13, 2024

Unfortunately, often manufacturers sell older OS versions as newer ones. Users may also mistakenly believe TV boxes are more secure than smartphones and are less likely to install antivirus software, increasing their risk when downloading third-party apps or unofficial firmware.

Malware

Malware Firmware Antivirus Manufacturing

Agencies Warn of Pro-Russia Hackers Targeting OT Control Systems

SecureWorld News

MAY 7, 2024

According to a new joint cybersecurity alert , the hacktivists have been observed gaining remote access to small-scale industrial control systems used in water/wastewater, dams, energy, and food and agriculture by exploiting internet-exposed human-machine interfaces (HMIs) and using default or weak passwords.

Passwords

Passwords Manufacturing Technology Authentication

NI CompactRIO controller flaw could allow disrupting production

Security Affairs

DECEMBER 12, 2020

A high-severity vulnerability affecting CompactRIO controllers manufactured by the vendor National Instruments (NI) could allow remote attackers to disrupt production processes in an organization. Cybersecurity and Infrastructure Security Agency (CISA) published a security advisory to warn organizations about the flaw.

Firmware

Firmware Manufacturing Software Authentication

Germany’ BSI chief says ‘No Evidence’ of Huawei spying

Security Affairs

DECEMBER 17, 2018

US first, and many other countries after, have decided to ban network equipment manufactured by the Chinese telecom giant Huawei. The United States is highlighting the risks for national security in case of adoption of Huawei equipment and is inviting internet providers and telco operators in allied countries to ban Huawei.

Technology

Technology Advertising Internet Internet

Sweden bans Huawei and ZTE from building its 5G infrastructure

Security Affairs

OCTOBER 21, 2020

Recently Belgian telecoms operators Orange Belgium and Proximus announced that it will gradually replace the equipment from the Chinese manufacturer Huawei. The Chinese giant was already excluded by several countries from building their 5G internet networks.

Wireless

Wireless Internet Internet Advertising

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

Security Affairs

AUGUST 4, 2022

Tens of router models from Taiwanese SOHO manufacturer DrayTek are affected by a critical, unauthenticated, remote code execution vulnerability, tracked as CVE-2022-32548, that can be exploited to fully compromise a vulnerable device and gain unauthorized access to the broader network. ” reads the advisory published by Trellix.

Hacking

Hacking Internet Internet Passwords

Meet the 2021 SC Awards judges

SC Magazine

MAY 1, 2021

Below is our esteemed panel of SC Awards judges, contributing from health care, engineering, finance, education, manufacturing, nonprofit and consulting, among others. Prior to Mastercard, Abdullah was the chief information security officer at Xerox, where she established and led a corporate-wide information risk management program.

Computers and Electronics

Computers and Electronics Technology Information Security Education

TinyNuke banking malware targets French organizations

Security Affairs

DECEMBER 13, 2021

The TinyNuke malware is back and now was used in attacks aimed at French users working in manufacturing, technology, construction, and business services. The attackers used invoice-themed lures targeting entities in manufacturing, industry, technology, finance, and other verticals. .

Banking

Banking Malware Manufacturing Business Services

How to secure QNAP NAS devices? The vendor’s instructions

Security Affairs

JANUARY 7, 2022

. “Ransomware and brute-force attacks have been widely targeting all networking devices, and the most vulnerable victims will be those devices exposed to the Internet without any protection. QNAP urges all QNAP NAS users to follow the security setting instructions below to ensure the security of QNAP networking devices.”

Ransomware

Ransomware Internet Internet Encryption

Ford seeks patent for conversation-based advertising

Malwarebytes

SEPTEMBER 13, 2024

Car manufacturer Ford Motor Company has filed a patent application for an in-vehicle advertisement presentation system based on information derived from several trip and driver characteristics. Yet nowhere in the entire document exists one word about how Ford intends to keep the acquired information secure.

Advertising

Advertising Manufacturing Internet Internet

Space and defense tech maker Exail Technologies exposes database access

Security Affairs

SEPTEMBER 21, 2023

Exail Technologies, a high-tech manufacturer whose clients include the US Coast Guard, exposed sensitive company data that could’ve enabled attackers to access its databases. The publicly accessible.env file, hosted on the exail.com website, was exposed to the internet, meaning that anyone could have accessed it.

Technology

Technology Internet Internet Manufacturing

Nexx bugs allow to open garage doors, and take control of alarms and plugs

Security Affairs

APRIL 5, 2023

A series of vulnerabilities in multiple smart devices manufactured by Nexx can be exploited to remotely open garage doors, and take control of alarms and plugs. To mitigate the risk of the exploitation of the above flaws, it is recommended to disable internet connectivity for vulnerable Nexx devices or protect them with a firewall.

Manufacturing

Manufacturing Media Firewall Internet

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

Security Affairs

AUGUST 10, 2021

NAS servers are a privileged target for hackers because they normally store large amounts of data.The ransomware was targeting poorly protected or vulnerable NAS servers manufactured by QNAP, threat actors exploited known vulnerabilities or carried out brute-force attacks.

Ransomware

Ransomware Encryption Firmware Passwords

Experts found 125 new flaws in SOHO routers and NAS devices from multiple vendors

Security Affairs

SEPTEMBER 17, 2019

In this phase of the project that started in 2013 ( SOHOpelessly Broken 1.0 ) , the researchers assessed the security of 13 SOHO router and NAS devices and found a total of 125 new vulnerabilities. . This research project aimed to uncover and leverage new techniques to circumvent these new security controls in embedded devices.”

Manufacturing

Manufacturing IoT Advertising Authentication

Expert found Russia’s SORM surveillance equipment leaking user data

Security Affairs

AUGUST 30, 2019

The Russian Government obliges national ISPs to purchase and install the probes used by SORM system that allows the Federal Security Service (FSB) to monitor Internet traffic including online communications. Some of the SORM devices found by the researcher were manufactured by the Russian MFI Soft. ” continues Meduza.

Surveillance

Surveillance Firmware Advertising Mobile

Compal, the Taiwanese giant laptop manufacturer hit by ransomware

IoT devices at major Manufacturers infected with crypto-miner

Trending Sources

PTZOptics cameras zero-days actively exploited in the wild

WEF Outlines Path to Cyber Resilience for Manufacturing Sector

As Internet-Connected Medical Devices Multiply, So Do Challenges

SHARED INTEL: From airbags to malware: vehicle cyber safety arises in the age of connected cars

A new Mirai botnet variant targets DigiEver DS-2105 Pro DVRs

Access:7 flaws impact +150 device models from over 100 manufacturers

VNC instances exposed to Internet pose critical infrastructures at risk

NCSC: New UK law bans default passwords on smart devices

3.5m IP cameras exposed, with US in the lead

Story of the Year: global IT outages and supply chain attacks

Interview With a Crypto Scam Investment Spammer

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

A cyberattack halted operations at Varta production plants

Vulnerabilities in Weapons Systems

GUEST ESSAY: Recalibrating critical infrastructure security in the wake of evolving threats

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

FBI warns of ransomware threat to food and agriculture

Belgium telecom operators Proximus and Orange drop Huawei

Usage of TLS in DDNS Services leads to Information Disclosure in Multiple Vendors

Experts found backdoors in a popular Auerswald VoIP appliance

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Medusa ransomware hit over 300 critical infrastructure organizations until February 2025

US officials claim Huawei Equipment has secret backdoor for spying

Unraveling the truth behind the DDoS attack from electric toothbrushes

FBI warns swatting attacks on owners of smart devices

Swedish court suspended the ban on Huawei equipment

D-Link addressed three critical RCE in wireless router models

Vo1d malware infected 1.3 Million Android-based TV Boxes in 197 countries

Agencies Warn of Pro-Russia Hackers Targeting OT Control Systems

NI CompactRIO controller flaw could allow disrupting production

Germany’ BSI chief says ‘No Evidence’ of Huawei spying

Sweden bans Huawei and ZTE from building its 5G infrastructure

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

Meet the 2021 SC Awards judges

TinyNuke banking malware targets French organizations

How to secure QNAP NAS devices? The vendor’s instructions

Ford seeks patent for conversation-based advertising

Space and defense tech maker Exail Technologies exposes database access

Nexx bugs allow to open garage doors, and take control of alarms and plugs

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

Experts found 125 new flaws in SOHO routers and NAS devices from multiple vendors

Expert found Russia’s SORM surveillance equipment leaking user data

Stay Connected