Security Boulevard

AUGUST 22, 2024

For example, the manufacturing and industrial products sector remains the top targeted industry sector, with. The post Report: Manufacturing Remains Atop Cyberattack Leader Board appeared first on Security Boulevard.

Manufacturing 122

Manufacturing Encryption Cybersecurity Cyber Attacks 122

Security Affairs

SEPTEMBER 9, 2024

Trend Micro spotted an allegedly China-linked threat actor, tracked TIDRONE, targeting drone manufacturers in Taiwan. The attacks were detected in Taiwan and mostly targeted military-related industries, specifically the manufacturer of drones. “we investigated TIDRONE , a threat actor linked to Chinese-speaking groups.

Manufacturing 141

Manufacturing Malware Antivirus Software 141

The Hacker News

MARCH 14, 2024

The attacks, which take the form of phishing emails, targeted Spanish-speaking users in the manufacturing industry based in North America, eSentire said. The threat actor known as Blind Eagle has been observed using a loader malware called Ande Loader to deliver remote access trojans (RATs) like Remcos RAT and NjRAT.

Manufacturing 138

Manufacturing Malware Phishing 138

Security Boulevard

SEPTEMBER 10, 2024

Manufacturing and industrial sectors are becoming bigger cyber-targets, and many of the intrusions are coming from China. The post Manufacturing, Industrial Sectors Are Under Siege appeared first on Security Boulevard. The two sectors endured a 105% increase in attacks during the first half of 2024, highlighting.

Manufacturing 114

Manufacturing Data privacy Security Awareness Mobile 114

Schneier on Security

JANUARY 12, 2024

New law journal article : Smart Device Manufacturer Liability and Redress for Third-Party Cyberattack Victims Abstract: Smart devices are used to facilitate cyberattacks against both their users and third parties.

IoT 298

IoT Software Manufacturing Internet 298

Schneier on Security

MAY 2, 2024

The Product Security and Telecommunications Infrastructure Act 2022 (PSTI) introduces new minimum-security standards for manufacturers, and demands that these companies are open with consumers about how long their products will receive security updates for. Unique passwords installed by default are still permitted.

Passwords 315

Passwords IoT Manufacturing Telecommunications 315

Schneier on Security

JULY 21, 2022

The China-based manufacturer says 1.5 BitSight found the device in use in 169 countries, with customers including governments, militaries, law enforcement agencies, and aerospace, shipping, and manufacturing companies. million of its tracking devices are deployed across 420,000 customers.

Manufacturing 329

Manufacturing Surveillance Mobile Authentication 329

Schneier on Security

JULY 20, 2021

NSO Group, the Israeli cyberweapons arms manufacturer behind the Pegasus spyware — used by authoritarian regimes around the world to spy on dissidents, journalists, human rights workers, and others — was hacked. Or, at least, an enormous trove of documents was leaked to journalists. There’s a lot to read out there.

Hacking 363

Hacking Spyware Manufacturing Software 363

Schneier on Security

JULY 14, 2021

No information can be given to “overseas organizations or individuals” other than the product’s manufacturer. Under the new rules, anyone in China who finds a vulnerability must tell the government, which will decide what repairs to make.

Manufacturing 360

Manufacturing Government Cybersecurity 360

Schneier on Security

NOVEMBER 4, 2021

The Israeli cyberweapons arms manufacturer — and human rights violator , and probably war criminal — NSO Group has been added to the US Department of Commerce’s trade blacklist. US companies and individuals cannot sell to them.

Manufacturing 322

Manufacturing Marketing Spyware 322

Schneier on Security

JULY 29, 2022

Yet another article about cyber-weapons arms manufacturers and their particular supply chain. This one is about Windows and Adobe Reader zero-day exploits sold by an Austrian company named DSIRF. There’s an entire industry devoted to undermining all of our security. It needs to be stopped.

Manufacturing 297

Manufacturing 297

Schneier on Security

SEPTEMBER 1, 2021

Citizen Lab is reporting on two zero-click iMessage exploits, in spyware sold by the cyberweapons arms manufacturer NSO Group to the Bahraini government. These are particularly scary exploits, since they don’t require to victim to do anything, like click on a link or open a file. More on this here.

Spyware 303

Spyware Manufacturing Government Hacking 303

Schneier on Security

AUGUST 22, 2022

This is a dumb crypto mistake I had not previously encountered: A developer says it was possible to run their own software on the car infotainment hardware after discovering the vehicle’s manufacturer had secured its system using keys that were not only publicly known but had been lifted from programming examples. […].

Encryption 351

Encryption Firmware Manufacturing Software 351

Schneier on Security

OCTOBER 17, 2022

The criminals targeted keyless vehicles from two French car manufacturers. As a result of a coordinated action carried out on 10 October in the three countries involved, 31 suspects were arrested. A total of 22 locations were searched, and over EUR 1 098 500 in criminal assets seized.

Hacking 353

Hacking Manufacturing Marketing Software 353

Schneier on Security

NOVEMBER 26, 2024

More information : Meanwhile, Graykey’s performance with Android phones varies, largely due to the diversity of devices and manufacturers. The documents do not appear to contain information about what Graykey can access from the public release of iOS 18.1, which was released on October 28.

Media 255

Media Manufacturing Mobile Hacking 255

Schneier on Security

JANUARY 16, 2023

Cellebrite is an cyberweapons arms manufacturer that sells smartphone forensic software to governments around the world. MSAB is a Swedish company that does the same thing. Someone has released software and documentation from both companies.

Software 253

Software Hacking Manufacturing Government 253

Schneier on Security

JULY 30, 2024

Auto manufacturers are just starting to realize the problems of supporting the software in older models: Today’s phones are able to receive updates six to eight years after their purchase date. For a company like Bosch that supplies automotive parts for many different manufacturers, the number would be more like 200.)

Software 298

Software Manufacturing Cybersecurity 298

Schneier on Security

MARCH 16, 2022

Some of the keys are from printers from two manufacturers, Canon and Fujifilm (originally branded as Fuji Xerox). There aren’t many weak keys out there, but there are some: So far, Böck has identified only a handful of keys in the wild that are vulnerable to the factorization attack.

Manufacturing 313

Manufacturing Encryption 313

Schneier on Security

DECEMBER 30, 2022

We explore recent trends in smartphone manufacturers that include extra/powerful speakers in place of small ear speakers, and demonstrate the feasibility of using motion sensors to capture such tiny speech vibrations. In this work, we revisit this important line of reach.

Manufacturing 358

Manufacturing 358

Schneier on Security

AUGUST 14, 2024

Texas is suing General Motors for collecting driver data without consent and then selling it to insurance companies: From CNN : In car models from 2015 and later, the Detroit-based car manufacturer allegedly used technology to “collect, record, analyze, and transmit highly detailed driving data about each time a driver used their vehicle,” (..)

Insurance 298

Insurance Manufacturing Technology Data collection 298

Schneier on Security

OCTOBER 25, 2021

The world needs to do something about these cyberweapons arms manufacturers. Citizen Lab is that a New York Times journalist was hacked with the NSO Group’s spyware Pegasus, probably by the Saudis. This kind of thing isn’t enough; NSO Group is an Israeli company.

Spyware 231

Spyware Hacking Manufacturing 231

Security Affairs

APRIL 30, 2024

The UK National Cyber Security Centre (NCSC) orders smart device manufacturers to ban default passwords starting from April 29, 2024. National Cyber Security Centre (NCSC) is urging manufacturers of smart devices to comply with new legislation that bans default passwords. ” reads the announcement published by NCSC.

Passwords 140

Passwords Manufacturing Telecommunications Cyber Attacks 140

Schneier on Security

JULY 26, 2024

In a public GitHub repository committed in December of that year, someone working for multiple US-based device manufacturers published what’s known as a platform key, the cryptographic key that forms the root-of-trust anchor between the hardware device and the firmware that runs on it.

Firmware 320

Firmware Encryption Manufacturing Passwords 320

Schneier on Security

JUNE 17, 2022

Computer scientists at the University of California San Diego proved in a study published May 24 that minute imperfections in phones caused during manufacturing create a unique Bluetooth beacon , one that establishes a digital signature or fingerprint distinct from any other device. This new research shows that that’s not enough.

Manufacturing 337

Manufacturing Technology 337

Adam Levin

JUNE 8, 2020

Japanese automotive manufacturer Honda is investigating a possible ransomware attack that has caused company-wide network outages. Several news outlets have reported that the company’s servers have been infected with the EKANS ransomware which led to network connectivity issues in Europe and Japan over the weekend.

Ransomware 283

Ransomware Manufacturing Malware Data breaches 283

Schneier on Security

OCTOBER 13, 2021

It’s a matter of going after those with deep pockets. ” Chhabria continued, “In an effort to more effectively stamp out infringement, the plaintiffs now go after a service common to many of the infringers: Cloudflare.

Retail 308

Retail Manufacturing Internet Internet 308

Schneier on Security

SEPTEMBER 6, 2021

The good news is that product vendors are fixing this: Several of the headphones which could be tracked over time are for sale in electronics stores, but according to two of the manufacturers NRK have spoken to, these models are being phased out.

Wireless 290

Wireless Marketing Manufacturing Risk 290

Tech Republic Security

DECEMBER 10, 2024

The legislation affects manufacturers, distributors, and importers of software and hardware. Cyber Resilience Act is now in effect.

Manufacturing 152

Manufacturing Software Cybersecurity 152

The Last Watchdog

AUGUST 1, 2022

It also represents digital trust [insert the way we are defining DT] between all compliant devices from different manufacturers. For instance, would the alliance be happy if Matter wins over more smart home platform suppliers and device manufacturers?). LW: What was the core security issue that had to resolve in deriving Matter?

Manufacturing 250

Manufacturing IoT Surveillance Authentication 250

Schneier on Security

MARCH 30, 2021

It feels like the product of a national intelligence agency or — and I think more likely — one of the cyberweapons arms manufacturers that sells this kind of capability to governments around the world. This is a sophisticated piece of malware.

Malware 306

Malware Manufacturing Encryption Government 306

Troy Hunt

JULY 13, 2021

An app provided by the device manufacturer controls the schedule, the colour and other features such as the brightness. — TP-LINK UK (@TPLINKUK) November 17, 2020 The manufacturer is under no obligation to support us tinkerers. All of this requires manufacturer buy-in. And you have to schedule it differently.

Internet 358

Internet Internet IoT Firmware 358

Adam Levin

DECEMBER 30, 2020

While the FBI is currently working with smart home device manufacturers to increase security settings, consumers with camera and voice activated home internet devices are urged to update their passwords, enable multi-factor authentication, and practice good cyber hygiene.

IoT 300

IoT Hacking Internet Internet 300

Schneier on Security

SEPTEMBER 28, 2022

The report recommends that regulators should 1) enforce minimum security standards for manufacturers of IoT devices, 2) incentivize higher levels of security through public contracting, and 3) try to align IoT standards internationally (for example, international guidance on handling connected devices that stop receiving security updates).

IoT 313

IoT Telecommunications Manufacturing Internet 313

Schneier on Security

DECEMBER 12, 2023

The participating companies comprise nearly the entirety of the x64 and ARM CPU ecosystem, starting with UEFI suppliers AMI, Insyde, and Phoenix (sometimes still called IBVs or independent BIOS vendors); device manufacturers such as Lenovo, Dell, and HP; and the makers of the CPUs that go inside the devices, usually Intel, AMD or designers of ARM CPUs… (..)

Firmware 339

Firmware Manufacturing Internet Internet 339

Schneier on Security

SEPTEMBER 23, 2024

The algorithm, mistaking this manufactured setup for a true emergency, offered the maximum incentive: $4.80 The timing was crucial, because every 15 minutes, Lyft’s algorithm resets, assigning new point values to every bike move. The clock struck 10:15. for every bike returned to the Ed Sullivan Theater.

Hacking 275

Hacking Manufacturing Scams 275

The Last Watchdog

NOVEMBER 12, 2023

This is precisely what the consortium of software companies and device manufacturers, led Google, Amazon and Apple, set out to achieve when Matter was conceived four years ago. Following a successful debut in November 2022, Matter is picking up steam, Nelson told me. This same approach really could be applied to other industries.

Manufacturing 276

Manufacturing Authentication Marketing Encryption 276

The Last Watchdog

MAY 15, 2023

Rising regulations As the attack surface broadens, original equipment manufacturers (OEMs) find themselves in a unique position. 29 UN R155 , for which C2A Security’s David Mor Ofek helped to draft, as a key regulation that makes car manufacturers liable for the entire supply chain of their products.

Malware 230

Malware Manufacturing IoT Software 230