Schneier on Security

JULY 26, 2024

In a public GitHub repository committed in December of that year, someone working for multiple US-based device manufacturers published what’s known as a platform key, the cryptographic key that forms the root-of-trust anchor between the hardware device and the firmware that runs on it.

Firmware 339

Firmware Encryption Manufacturing Passwords 339

Adam Levin

MARCH 23, 2020

Secure Your Router: If you’re still using your router’s manufacturer default password, it’s past time for a change. Your password should be include letters, numbers and special characters in a combination you haven’t used on other accounts. Update Account Passwords: Don’t reuse passwords from other accounts.

Manufacturing 245

Manufacturing Passwords Phishing Accountability 245

The Hacker News

APRIL 29, 2024

National Cyber Security Centre (NCSC) is calling on manufacturers of smart devices to comply with new legislation that prohibits them from using default passwords, effective April 29, 2024.

Passwords 141

Passwords Telecommunications Manufacturing 141

Security Affairs

SEPTEMBER 13, 2020

Gaming hardware manufacturer Razer suffered a data leak, an unsecured database managed by the company containing gamers’ info was exposed online. Gaming hardware manufacturer Razer has suffered a data leak, this is the discovery made by the security researcher Bob Diachenko. ” reads a statement from the vendor.

Manufacturing 134

Manufacturing Data breaches Advertising Engineering 134

SecureWorld News

MAY 29, 2024

The manufacturing sector faces an increasingly daunting cyber threat landscape that puts production operations, intellectual property, and entire supply chains at risk. Manufacturers must make cyber resilience a fully institutionalized part of their organizational identity." trillion annually. "

Manufacturing 106

Manufacturing CISO Artificial Intelligence Cyber threats 106

Adam Levin

DECEMBER 30, 2020

In a public service announcement issued December 29, the FBI warned that “offenders have been using stolen e-mail passwords to access smart devices with cameras and voice capabilities and carry out swatting attacks.”. In some cases, the offender also live streams the incident on shared online community platforms,” explains the announcement.

IoT 300

IoT Hacking Internet Internet 300

Security Affairs

JULY 31, 2022

Threat actors that go online with the moniker Adrastea claim to have hacked the multinational manufacturer of missiles MBDA. ” As a proof of the hack Adrastea shared a link to a password-protected linked archive containing internal documents related to projects and correspondence. Pierluigi Paganini.

Manufacturing 130

Manufacturing Hacking Passwords Cybersecurity 130

The Last Watchdog

MAY 24, 2022

This is one giant leap towards getting rid of passwords entirely. Excising passwords as the security linchpin to digital services is long, long overdue. Password abuse at scale arose shortly after the decision got made in the 1990s to make shared secrets the basis for securing digital connections. Our brains just won’t do it.”.

Authentication 342

Authentication Passwords Banking Digital transformation 342

Adam Levin

MARCH 23, 2020

Update your camera’s firmware and software: Whether it’s an external camera or one built into your laptop or tablet, check for manufacturer updates and always keep your camera’s software and firmware fully up to date because patches are often released specifically to patch security vulnerabilities.

Firmware 219

Firmware Manufacturing Passwords Software 219

Security Affairs

FEBRUARY 10, 2025

Active since at least 2013 , XE Group is a cybercriminal group focused on credit card skimming and password theft via supply chain attacks. ” reads the analysis published by Intezer. ”concludes the report that also provides Indicators of Compromise (IoCs).

Manufacturing 108

Manufacturing Cybercrime Passwords Authentication 108

Schneier on Security

FEBRUARY 12, 2021

ArsTechnica is reporting on the poor cybersecurity at the plant: The Florida water treatment facility whose computer system experienced a potentially hazardous computer breach last week used an unsupported version of Windows with no firewall and shared the same TeamViewer password among its employees, government officials have reported.

Manufacturing 335

Manufacturing Firewall Media Passwords 335

Adam Levin

MARCH 19, 2020

Ensure remote workers are more secure by following these five tips: Change the Default Password: Routers should have the manufacturer default password updated the moment it’s turned on and connected. Use a Strong and Unique Password: Discourage employees from reusing passwords that are linked to other accounts.

Wireless 199

Wireless Firmware Firewall Manufacturing 199

Schneier on Security

NOVEMBER 7, 2018

They could be discovered by anyone who finds or guesses the camera's IP address­ -- and if you haven't set a strong password, a hacker might find it easy to gain access. This is the sort of sustained pressure we need on IoT device manufacturers. Consumer Reports will evaluate those updates once they are available. Boing Boing link.

Wireless 254

Wireless Manufacturing IoT Encryption 254

SecureWorld News

JANUARY 8, 2025

While voluntary, Consumer Reports hopes that manufacturers will apply for this mark, and that consumers will look for it when it becomes available." Manufacturers can voluntarily submit their products for testing to earn the Cyber Trust Mark. Manufacturers can voluntarily submit their products for testing to earn the Cyber Trust Mark.

IoT 115

IoT Manufacturing Government Cybersecurity 115

Security Affairs

JANUARY 21, 2021

With a simple Google search, anyone could have found the password to one of the compromised, stolen email addresses: a gift to every opportunistic attacker.” The analysis of a subset of ~500 stolen credentials revealed that victims belong to a wide range of target industries, including IT, healthcare, real estate, and manufacturing.

Phishing 145

Phishing Passwords Manufacturing Healthcare 145

Krebs on Security

APRIL 26, 2019

A map showing the distribution of some 2 million iLinkP2P-enabled devices that are vulnerable to eavesdropping, password theft and possibly remote compromise, according to new research. The security flaws involve iLnkP2P , software developed by China-based Shenzhen Yunni Technology.

IoT 278

IoT Firewall Manufacturing Computers and Electronics 278

Troy Hunt

JUNE 30, 2022

Four and a half years ago now, I rolled out version 2 of HIBP's Pwned Passwords that implemented a really cool k-anonymity model courtesy of the brains at Cloudflare. Actually, the multiple problems, the first of which is that it's just way too fast for storing user passwords in an online system.

Passwords 322

Passwords Identity Theft Consumer Services Password Management 322

SecureWorld News

MAY 16, 2022

United States manufacturing giant Parker Hannifin recently announced the company fell victim to a ransomware attack, resulting in a data breach of employee information. After a couple weeks of what one can assume to be stalled ransom negotiations, Conti posted the rest of data, 419 GB in total.

Manufacturing 98

Manufacturing Ransomware Data breaches Accountability 98

Malwarebytes

NOVEMBER 25, 2021

And because of our high propensity to forgo changing default passwords that came with the smart devices we buy, we’re essentially putting ourselves—our homes and our family’s data and privacy—at the forefront of online attacks without us knowing. but not vehicles, smart meters, smart medical devices, laptops, and desktop computers.

Passwords 130

Passwords Telecommunications Internet Internet 130

Malwarebytes

AUGUST 10, 2021

The company does not believe the botnet is exploiting vulnerabilities in its software, it’s simply going after weak or default passwords using brute force guessing. In this case, if a password is guessed successfully, the device is infected with malware that will carry out additional attacks on other devices. StealthWorker.

Passwords 118

Passwords DDOS Malware Ransomware 118

Security Affairs

JULY 1, 2023

The LockBit ransomware gang claims to have hacked Taiwan Semiconductor Manufacturing Company (TSMC). The LockBit ransomware group this week claimed to have hacked the Taiwan Semiconductor Manufacturing Company ( TSMC ) and $70 million ransom. In August 2018, a malware infected systems at several Taiwan Semiconductor Manufacturing Co.

Manufacturing 98

Manufacturing Ransomware Hacking Security Awareness 98

Thales Cloud Protection & Licensing

MARCH 12, 2025

Breaking the Barriers to a Password-Free Life in Enterprise: Meet SafeNet eToken Fusion NFC PIV security key madhav Thu, 03/13/2025 - 06:46 As large organizations increasingly shift towards passwordless solutions, the benefits are clear: enhanced user experience, improved security, and significant cost savings.

Passwords 71

Passwords Authentication Digital transformation Government 71

Schneier on Security

DECEMBER 17, 2019

Microsoft has watched the group carry out so-called password-spraying attacks over the past year that try just a few common passwords across user accounts at tens of thousands of organizations. They're going after these producers and manufacturers of control systems, but I don't think they're the end targets," says Moran.

Passwords 164

Passwords Manufacturing Accountability Hacking 164

Krebs on Security

JUNE 28, 2022

In a typical PPI network, clients will submit their malware—a spambot or password-stealing Trojan, for example —to the service, which in turn charges per thousand successful installations, with the price depending on the requested geographic location of the desired victims. AWM Proxy’s online storefront disappeared that same day.

Passwords 304

Passwords Malware Internet Internet 304

Security Affairs

DECEMBER 5, 2021

Researchers discovered a total of 226 potential security vulnerabilities in nine Wi-Fi popular routers from known manufacturers. Since the integration of a new kernel into the firmware is costly, no manufacturer was up to date here. The experts shared their findings with the manufacturers, most of the flaws have been already fixed.

Manufacturing 145

Manufacturing IoT Firmware VPN 145

Krebs on Security

APRIL 8, 2019

KrebsOnSecurity broke the news that Facebook developers wrote apps which stored somewhere between 200 million and 600 million Facebook user passwords in plain text. These plaintext passwords were indexed by Facebook’s data centers and searchable for years by more than 20,000 Facebook employees.

Cybercrime 251

Cybercrime Passwords Identity Theft Accountability 251

The Hacker News

JANUARY 6, 2022

From the latest password requirements (NIST 800-63) to IoT security for manufacturers (NISTIR 8259), NIST is always the starting point. When I want to know the most recently published best practices in cyber security, I visit The National Institute of Standards and Technology (NIST).

Manufacturing 145

Manufacturing IoT Cybersecurity Passwords 145

The Hacker News

DECEMBER 21, 2021

Multiple backdoors have been discovered during a penetration test in the firmware of a widely used voice over Internet Protocol (VoIP) appliance from Auerswald, a German telecommunications hardware manufacturer, that could be abused to gain full administrative access to the devices.

Penetration Testing 141

Penetration Testing Firmware Telecommunications Manufacturing 141

SecureWorld News

JANUARY 23, 2025

Trusting manufacturers and the role of base networks Some professionals argue that once a base network is established, OT cybersecurity becomes less of a concern. They emphasize trust in equipment from reputable manufacturers. "I These developments reflect the growing maturity of the OT cybersecurity field.

Engineering 102

Engineering Cybersecurity Manufacturing Firewall 102

Security Affairs

DECEMBER 14, 2022

Some of the most popular brands don’t enforce a strong password policy, meaning anyone can peer into their owners’ lives. After looking at 28 of the most popular manufacturers, our research team found 3.5 What is more, the overwhelming majority of internet-facing cameras are manufactured by Chinese companies.

Surveillance 145

Surveillance Manufacturing Passwords Internet 145

Security Affairs

AUGUST 22, 2023

Belcan is a government, defense, and aerospace contractor offering global design, software, manufacturing, supply chain, information technology, and digital engineering solutions. In this case, it could take attackers as long as 22 years to crack a very strong admin password.

Passwords 98

Passwords Penetration Testing Engineering Manufacturing 98

Digital Shadows

FEBRUARY 10, 2025

Key Findings During the reporting period (August 1, 2024January 31, 2025), the manufacturing sector faced a turbulent threat landscape: Attackers ramped up their abuse of remote external services software, used impersonating domains for targeted spearphishing attacks, and continued to target the sector with ransomware.

Manufacturing 66

Manufacturing Cyber threats VPN Ransomware 66

The Hacker News

JANUARY 26, 2021

An evolving phishing campaign observed at least since May 2020 has been found to target high-ranking company executives across manufacturing, real estate, finance, government, and technological sectors with the goal of obtaining sensitive information.

Phishing 132

Phishing Social Engineering Manufacturing Engineering 132

Adam Levin

MARCH 17, 2020

Here are a few things you can do to protect your privacy while working and schooling from home: Update default passwords : Many webcams come with a default login and password, typically something like admin / admin. Change these default settings to something difficult for others to guess, and don’t re-use passwords from other accounts.

IoT 201

IoT Internet Internet Firewall 201

The Last Watchdog

JULY 30, 2018

DataLocker honed its patented approach to manufacturing encrypted portable drives and landed some key military and government clients early on; the company has continued branching out ever since. All the user needs is a strong password to access to the data. You can pop it on a thumb drive, set the password, and overnight it.

Encryption 203

Encryption Passwords Authentication Government 203

Graham Cluley

MARCH 27, 2024

Hardware wallet manufacturer Trezor has explained how its Twitter account was compromised - despite it having sensible security precautions in place, such as strong passwords and multi-factor authentication. Read more in my article on the Hot for Security blog.

Accountability 120

Accountability Cryptocurrency Manufacturing Passwords 120

Malwarebytes

AUGUST 25, 2023

New research highlights another potential danger from IoT devices, with a popular make of smart light bulbs placing your Wi-Fi network password at risk. Multiple high severity vulnerabilities exist which allow for password retrieval and device manipulation, with four issues in total. One vulnerability, with a CVSS score of 7.6

Passwords 98

Passwords Risk IoT Firmware 98