Tech Republic Security

MAY 7, 2024

The intent of the Future Made in Australia Act is to build manufacturing capabilities across all sectors, which will likely lead to more demand for IT skills and services.

Manufacturing 175

Manufacturing Artificial Intelligence Big data Technology 175

Schneier on Security

JUNE 23, 2021

Wired is reporting on a company called Mollitiam Industries: Marketing materials left exposed online by a third-party claim Mollitiam’s interception products, dubbed “Invisible Man” and “Night Crawler,” are capable of remotely accessing a target’s files, location, and covertly turning on a device’s camera and (..)

Manufacturing 296

Manufacturing Spyware Surveillance Marketing 296

Security Boulevard

AUGUST 22, 2024

For example, the manufacturing and industrial products sector remains the top targeted industry sector, with. The post Report: Manufacturing Remains Atop Cyberattack Leader Board appeared first on Security Boulevard.

Manufacturing 122

Manufacturing Encryption Cybersecurity Cyber Attacks 122

The Hacker News

DECEMBER 2, 2024

Taiwanese entities in manufacturing, healthcare, and information technology sectors have become the target of a new campaign distributing the SmokeLoader malware.

Manufacturing 139

Manufacturing Malware Healthcare Technology 139

Security Affairs

SEPTEMBER 9, 2024

Trend Micro spotted an allegedly China-linked threat actor, tracked TIDRONE, targeting drone manufacturers in Taiwan. The attacks were detected in Taiwan and mostly targeted military-related industries, specifically the manufacturer of drones. “we investigated TIDRONE , a threat actor linked to Chinese-speaking groups.

Manufacturing 136

Manufacturing Malware Antivirus Software 136

Security Boulevard

SEPTEMBER 10, 2024

Manufacturing and industrial sectors are becoming bigger cyber-targets, and many of the intrusions are coming from China. The post Manufacturing, Industrial Sectors Are Under Siege appeared first on Security Boulevard. The two sectors endured a 105% increase in attacks during the first half of 2024, highlighting.

Manufacturing 114

Manufacturing Data privacy Security Awareness Mobile 114

Schneier on Security

MAY 2, 2024

The Product Security and Telecommunications Infrastructure Act 2022 (PSTI) introduces new minimum-security standards for manufacturers, and demands that these companies are open with consumers about how long their products will receive security updates for. Unique passwords installed by default are still permitted.

Passwords 338

Passwords IoT Manufacturing Telecommunications 338

Schneier on Security

JANUARY 12, 2024

New law journal article : Smart Device Manufacturer Liability and Redress for Third-Party Cyberattack Victims Abstract: Smart devices are used to facilitate cyberattacks against both their users and third parties.

IoT 326

IoT Software Manufacturing Internet 326

Security Affairs

NOVEMBER 2, 2024

GreyNoise worked with VulnCheck to disclose the two vulnerabilities responsibly. “The vulnerabilities impact NDI-enabled pan-tilt-zoom (PTZ) cameras from multiple manufacturers. VulnCheck alerted affected manufacturers to the flaws, only receiving a response from PTZOptics. ” reads the analysis published by GreyNoise.

Firmware 121

Firmware Manufacturing IoT Healthcare 121

Schneier on Security

JULY 21, 2022

The China-based manufacturer says 1.5 BitSight found the device in use in 169 countries, with customers including governments, militaries, law enforcement agencies, and aerospace, shipping, and manufacturing companies. million of its tracking devices are deployed across 420,000 customers.

Manufacturing 332

Manufacturing Surveillance Mobile Authentication 332

Schneier on Security

NOVEMBER 4, 2021

The Israeli cyberweapons arms manufacturer — and human rights violator , and probably war criminal — NSO Group has been added to the US Department of Commerce’s trade blacklist. US companies and individuals cannot sell to them.

Manufacturing 353

Manufacturing Marketing Spyware 353

Schneier on Security

SEPTEMBER 1, 2021

Citizen Lab is reporting on two zero-click iMessage exploits, in spyware sold by the cyberweapons arms manufacturer NSO Group to the Bahraini government. These are particularly scary exploits, since they don’t require to victim to do anything, like click on a link or open a file. More on this here.

Spyware 338

Spyware Manufacturing Government Hacking 338

Schneier on Security

JULY 20, 2021

NSO Group, the Israeli cyberweapons arms manufacturer behind the Pegasus spyware — used by authoritarian regimes around the world to spy on dissidents, journalists, human rights workers, and others — was hacked. Or, at least, an enormous trove of documents was leaked to journalists. There’s a lot to read out there.

Hacking 364

Hacking Spyware Manufacturing Software 364

Schneier on Security

JULY 29, 2022

Yet another article about cyber-weapons arms manufacturers and their particular supply chain. This one is about Windows and Adobe Reader zero-day exploits sold by an Austrian company named DSIRF. There’s an entire industry devoted to undermining all of our security. It needs to be stopped.

Manufacturing 316

Manufacturing 316

Schneier on Security

JULY 14, 2021

No information can be given to “overseas organizations or individuals” other than the product’s manufacturer. Under the new rules, anyone in China who finds a vulnerability must tell the government, which will decide what repairs to make.

Manufacturing 363

Manufacturing Government Cybersecurity 363

Security Boulevard

NOVEMBER 25, 2024

EnamelPins, which manufactures and sells medals, pins, and other emblematic accessories, for months left open an Elasticsearch instance that exposed 300,000 customer emails, including 2,500 from military and government personnel. The company, based in California, also has links to China, Cybernews researchers wrote.

Manufacturing 117

Manufacturing Government Security Awareness Phishing 117

Schneier on Security

JULY 1, 2020

consumers generally requires that IoT manufacturers sell through a U.S. There's a lot of detail between here and there, though, and it's all in the paper. We also wrote a Lawfare post : we propose to leverage these supply chains as part of the solution. Selling to U.S. cybersecurity agencies. cybersecurity agencies. News article.

IoT 273

IoT Manufacturing Cybersecurity 273

Schneier on Security

JANUARY 16, 2023

Cellebrite is an cyberweapons arms manufacturer that sells smartphone forensic software to governments around the world. MSAB is a Swedish company that does the same thing. Someone has released software and documentation from both companies.

Software 284

Software Hacking Manufacturing Government 284

Schneier on Security

OCTOBER 17, 2022

The criminals targeted keyless vehicles from two French car manufacturers. As a result of a coordinated action carried out on 10 October in the three countries involved, 31 suspects were arrested. A total of 22 locations were searched, and over EUR 1 098 500 in criminal assets seized.

Hacking 363

Hacking Manufacturing Marketing Software 363

Schneier on Security

AUGUST 22, 2022

This is a dumb crypto mistake I had not previously encountered: A developer says it was possible to run their own software on the car infotainment hardware after discovering the vehicle’s manufacturer had secured its system using keys that were not only publicly known but had been lifted from programming examples. […].

Encryption 350

Encryption Firmware Manufacturing Software 350

Security Affairs

OCTOBER 31, 2024

Taiwanese manufacturer QNAP patched the second zero-day vulnerability, tracked as CVE-2024-50387 , which was exploited by security researchers during the recent Pwn2Own Ireland 2024. reads the advisory published by the Taiwanese manufacturer. The vulnerability is a SQL injection (SQLi) issue that impacts the QNAP’s SMB Service.

Backups 118

Backups Manufacturing Hacking Information Security 118

Thales Cloud Protection & Licensing

OCTOBER 11, 2024

However, industries reliant on shared devices—such as healthcare, retail, and manufacturing—face unique challenges. Similarly, in retail and manufacturing, delays caused by authentication procedures reduce overall efficiency. These fast-paced environments need a more flexible approach to balance security, speed, and user privacy.

Authentication 132

Authentication Retail Healthcare Manufacturing 132

Schneier on Security

JULY 30, 2024

Auto manufacturers are just starting to realize the problems of supporting the software in older models: Today’s phones are able to receive updates six to eight years after their purchase date. For a company like Bosch that supplies automotive parts for many different manufacturers, the number would be more like 200.)

Software 324

Software Manufacturing Cybersecurity 324

Adam Shostack

JANUARY 2, 2025

Safety First For Automated Driving " is a big, over-arching whitepaper from a dozen automotive manufacturers and suppliers. Lets explore the risks associated with Automated Driving. One way to read it is that those disciplines have strongly developed safety cultures, which generally do not consider cybersecurity problems.

Risk 189

Risk Architecture Manufacturing Cybersecurity 189

Schneier on Security

OCTOBER 25, 2021

The world needs to do something about these cyberweapons arms manufacturers. Citizen Lab is that a New York Times journalist was hacked with the NSO Group’s spyware Pegasus, probably by the Saudis. This kind of thing isn’t enough; NSO Group is an Israeli company.

Spyware 258

Spyware Hacking Manufacturing 258

Schneier on Security

AUGUST 14, 2024

Texas is suing General Motors for collecting driver data without consent and then selling it to insurance companies: From CNN : In car models from 2015 and later, the Detroit-based car manufacturer allegedly used technology to “collect, record, analyze, and transmit highly detailed driving data about each time a driver used their vehicle,” (..)

Insurance 327

Insurance Manufacturing Technology Data collection 327

SecureWorld News

JANUARY 8, 2025

While voluntary, Consumer Reports hopes that manufacturers will apply for this mark, and that consumers will look for it when it becomes available." Manufacturers can voluntarily submit their products for testing to earn the Cyber Trust Mark. As the White House noted, the Cyber Trust Mark "connects companies, consumers, and the U.S.

IoT 117

IoT Manufacturing Government Cybersecurity 117

Schneier on Security

MARCH 16, 2022

Some of the keys are from printers from two manufacturers, Canon and Fujifilm (originally branded as Fuji Xerox). There aren’t many weak keys out there, but there are some: So far, Böck has identified only a handful of keys in the wild that are vulnerable to the factorization attack.

Manufacturing 319

Manufacturing Encryption 319

Security Affairs

FEBRUARY 10, 2025

. “XE Group transitioned from credit card skimming to targeted information theft, marking a significant shift in their operational priorities.Their attacks now target supply chains in the manufacturing and distribution sectors, leveraging new vulnerabilities and advanced tactics.” ” reads the analysis published by Intezer.

Manufacturing 110

Manufacturing Cybercrime Passwords Authentication 110

The Last Watchdog

FEBRUARY 10, 2025

And in manufacturing plants, theyre increasingly found in industrial control systems and autonomous robotics. Meanwhile, regulations such as Californias IoT Security Law and the European Unions Cyber Resilience Act are pushing manufacturers to embed minimum security standards into their designs.

Internet 130

Internet Internet IoT Manufacturing 130

Schneier on Security

JUNE 25, 2020

van Oorschot: Abstract: Best practices for Internet of Things (IoT) security have recently attracted considerable attention worldwide from industry and governments, while academic research has highlighted the failure of many IoT product manufacturers to follow accepted practices. " by Christopher Bellman and Paul C.

IoT 276

IoT Manufacturing Internet Internet 276

Schneier on Security

DECEMBER 30, 2022

We explore recent trends in smartphone manufacturers that include extra/powerful speakers in place of small ear speakers, and demonstrate the feasibility of using motion sensors to capture such tiny speech vibrations. In this work, we revisit this important line of reach.

Manufacturing 363

Manufacturing 363

SecureWorld News

NOVEMBER 19, 2024

Executive summary Organizations must integrate trust value into their core planning, treating it as a strategic asset that can be manufactured, measured, and managed, much like quality in Total Quality Management.

Marketing 112

Marketing Architecture Manufacturing Technology 112

Security Affairs

FEBRUARY 12, 2025

The Sarcoma ransomware group announced a breach of the Taiwanese printed circuit board (PCB) manufacturing giant Unimicron. The Sarcoma ransomware group claims to have breached Taiwanese PCB manufacturer Unimicron, leaked sample files, and threatened a full data release if no ransom is paid by Tuesday, February 20, 2025.

Computers and Electronics 77

Computers and Electronics Ransomware Manufacturing Data breaches 77

Schneier on Security

JULY 26, 2024

In a public GitHub repository committed in December of that year, someone working for multiple US-based device manufacturers published what’s known as a platform key, the cryptographic key that forms the root-of-trust anchor between the hardware device and the firmware that runs on it.

Firmware 340

Firmware Encryption Manufacturing Passwords 340

Schneier on Security

SEPTEMBER 6, 2021

The good news is that product vendors are fixing this: Several of the headphones which could be tracked over time are for sale in electronics stores, but according to two of the manufacturers NRK have spoken to, these models are being phased out.

Wireless 323

Wireless Marketing Manufacturing Risk 323

Security Affairs

OCTOBER 30, 2024

” reads the advisory published by the Taiwanese manufacturer. The vulnerability impacts version 25.1.x x and was addressed in HBS 3 Hybrid Backup Sync 25.1.1.673 and later “An OS command injection vulnerability has been reported to affect HBS 3 Hybrid Backup Sync.

Backups 119

Backups Manufacturing Hacking 119