Manufacturing, Technology and VPN - Cyber Security Informer

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

Digital Shadows

MARCH 17, 2025

Key Findings Even years after their disclosure, VPN-related vulnerabilities like CVE-2018-13379 and CVE-2022-40684 remain essential tools for attackers, driving large-scale campaigns of credential theft and administrative control. How AI and automation are amplifying the scale and sophistication of VPN attacks.

VPN

VPN Authentication Ransomware Risk

Cloak ransomware group hacked the Virginia Attorney General’s Office

Security Affairs

MARCH 24, 2025

A cyberattack on the Virginia Attorney Generals Office forced officials to shut down IT systems, including email and VPN, and revert to paper filings. The breach was detected in February , leading to notifications to the FBI, Virginia State Police, and the Virginia Information Technologies Agency.

Ransomware

Ransomware Hacking Social Engineering VPN

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

VPN

VPN Government Malware Manufacturing

Cring Ransomware spreading because of Fortinet vulnerability

CyberSecurity Insiders

APRIL 9, 2021

European Enterprises mainly involved in manufacturing are being targeted by a new strain of Ransomware dubbed as Cring and confirmed sources say that the malware is being spread by exploitation of Fortinet VPN Vulnerability.

Ransomware

Ransomware VPN Manufacturing Backups

UDP Technology IP Camera firmware vulnerabilities allow for attacker to achieve root

Malwarebytes

JULY 28, 2021

Researchers at RandoriSec have found serious vulnerabilities in the firmware provided by UDP Technology to Geutebrück and many other IP camera vendors. According to the researchers the firmware supplier UDP Technology fails to respond to their reports despite numerous mails and LinkedIn messages.

Firmware

Firmware Technology Authentication IoT

Threat Landscape Report: Uncovering Critical Cyber Threats to Manufacturing Sector

Digital Shadows

FEBRUARY 10, 2025

Key Findings During the reporting period (August 1, 2024January 31, 2025), the manufacturing sector faced a turbulent threat landscape: Attackers ramped up their abuse of remote external services software, used impersonating domains for targeted spearphishing attacks, and continued to target the sector with ransomware.

Manufacturing

Manufacturing Cyber threats VPN Ransomware

Rhysida ransomware gang claimed China Energy hack

Security Affairs

NOVEMBER 25, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The victims of the group are “targets of opportunity.” reads the joint advisory.

Ransomware

Ransomware Hacking Engineering Manufacturing

SHARED INTEL: Coming very soon — ‘passwordless authentication’ as a de facto security practice

The Last Watchdog

NOVEMBER 11, 2020

I had a chance to discuss this seminal transition with George Avetisov, co-founder and chief executive officer of HYPR , a Manhattan-based supplier of advanced authentication technologies. VPN attack surface It’s notable that even without Covid-19 pressure was intensifying for Apple to join FIDO. Here are a few big takeaways.

Authentication

Authentication VPN Passwords Hacking

Usage of TLS in DDNS Services leads to Information Disclosure in Multiple Vendors

Security Affairs

MAY 24, 2024

In this advisory, I aim to explore how implementing a specific security technological combination (TLS and DDNS) negatively influences the overall security, inadvertently creating opportunities for attackers to exploit weaknesses on a massive scale. For instance, suppose firewall manufacturer ACME Inc.

DNS

DNS Manufacturing Firewall Internet

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

The Iranian hacker group has been attacking corporate VPNs over the past months, they have been hacking VPN servers to plant backdoors in companies around the world targeting Pulse Secure , Fortinet , Palo Alto Networks , and Citrix VPNs. ” reads the report published by Crowdstrike.

Hacking

Hacking VPN Advertising Government

China-linked Flax Typhoon APT targets Taiwan

Security Affairs

AUGUST 25, 2023

Microsoft has not observed The group has been active since mid-2021, it focuses on government agencies and education, critical manufacturing, and information technology organizations in Taiwan. The state sponsored hackers also uses the VPN access to scan for vulnerabilities in targeted organizations.

VPN

VPN Manufacturing Education Hacking

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Security Affairs

NOVEMBER 29, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The victims of the group are “targets of opportunity.” reads the joint advisory.

Ransomware

Ransomware Hacking Manufacturing Healthcare

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs

DECEMBER 26, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The victims of the group are “targets of opportunity.” reads the joint advisory.

Ransomware

Ransomware Hacking Manufacturing Healthcare

Security Affairs newsletter Round 326

Security Affairs

AUGUST 8, 2021

Ivanti fixed a critical code execution issue in Pulse Connect Secure VPN RansomEXX ransomware leaks files stolen from Italian luxury brand Zegna VMware addresses critical flaws in its products CVE-2021-20090 actively exploited to target millions of IoT devices worldwide RansomEXX ransomware hit computer manufacturer and distributor GIGABYTE.

VPN

VPN Ransomware Manufacturing IoT

Rhysida ransomware gang is auctioning data stolen from the British Library

Security Affairs

NOVEMBER 20, 2023

On November 17, the library announced it was experiencing a major technology outage caused by a cyber-attack. We’re continuing to experience a major technology outage as a result of a cyber-attack, affecting our website, online systems and services, and some onsite services too. The victims of the group are “targets of opportunity.”

Ransomware

Ransomware Cyber Attacks Technology Manufacturing

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Energy and Utilities

Energy and Utilities VPN Manufacturing Firewall

Google Pixel 7 and Pixel 7 Pro: The next evolution in mobile security

Google Security

OCTOBER 11, 2022

The certification not only requires chip hardware to resist invasive penetration testing, but also mandates audits of the chip design and manufacturing process itself. This is where a Virtual Private Network (VPN) comes in. Typically, if you want a VPN on your phone, you need to get one from a third party.

Mobile

Mobile VPN Penetration Testing Encryption

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The victims of the group are “targets of opportunity.”

Ransomware

Ransomware Manufacturing Healthcare Education

4-year old Misfortune Cookie vulnerability threatens Capsule Technologies medical gateway device

Security Affairs

AUGUST 30, 2018

Qualcomm Life Capsule Technologies has released a security patch to address the vulnerability, but it only works for the Single Board variant of the DTS, from 2009, instead, it is not possible to use it on The Dual Board, Capsule Digi Connect ES and Capsule Digi Connect ES converted to DTS. Pierluigi Paganini.

Technology

Technology Advertising VPN Manufacturing

Human Factors in SCADA and IoT Security: Addressing the Biggest Vulnerability in Industrial Systems

SecureWorld News

AUGUST 3, 2024

While advancements in technology offer unprecedented efficiency and insight, they also introduce new vulnerabilities. Ironically, as impressive as these systems are, the weakest link is often not with the technology itself but with the people who interact with it. The attacker's gateway? Human blunders.

IoT

IoT Education Technology Passwords

China-linked APT Volt Typhoon linked to KV-Botnet

Security Affairs

DECEMBER 13, 2023

The Black Lotus Labs team at Lumen Technologies linked a small office/home office (SOHO) router botnet, tracked as KV-Botnet to the operations of China-linked threat actor Volt Typhoon. ” reads the report published by Lumen Technologies. ” concludes the report.

Small Business

Small Business Technology VPN Government

PseudoManuscrypt: a mass-scale spyware attack campaign

SecureList

DECEMBER 16, 2021

of all computers attacked by the PseudoManuscrypt malware are part of industrial control systems (ICS) used by organizations in various industries, including Engineering, Building Automation, Energy, Manufacturing, Construction, Utilities, and Water Management. According to our telemetry, at least 7.2%

Spyware

Spyware Energy and Utilities Malware VPN

US offers $10 million reward for info on Hive ransomware group leaders

Security Affairs

FEBRUARY 8, 2024

The authorities reported that from June 2021 through at least November 2022, threat actors targeted a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware

Ransomware Government VPN Manufacturing

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

The Last Watchdog

JUNE 4, 2019

Within these government labs and agencies, taking place is a groundswell of innovation in deep technology cyber disciplines to the tune of billions of dollars annually over the past three decades. In Silicon Valley, the initial technology seeds were planted in World War II, when the U.S.

Cybersecurity

Cybersecurity Computers and Electronics Technology Marketing

GUEST ESSAY: Lessons learned in 2021 as cloud services, mobility and cybersecurity collided

The Last Watchdog

DECEMBER 9, 2021

The explosion of 5G this past year has created transformational opportunities around Smart Manufacturing, Augmented Reality / Virtual Reality (AR/VR), and more. About the essayist: Kelly Ahuja is CEO of Versa Networks , a supplier of single-source SASE technology. Securing Iot, MEC.

Mobile

Mobile IoT Cybersecurity Digital transformation

FBI warns of ransomware threat to food and agriculture

Malwarebytes

SEPTEMBER 3, 2021

But manufacturers of agricultural equipment have spent the last few years locked in an automation arms race, and the side effects of this race are starting to show. In any industry that is developing and adopting new technology at pace you can expect growing pains and security is often the last thing on the developers’ minds.

Ransomware

Ransomware Manufacturing Passwords Internet

Which is the Threat landscape for the ICS sector in 2020?

Security Affairs

MARCH 22, 2021

Building automation, automotive manufacturing, energy and oil & gas, suffered major increases in the ICS engineering sector. Computers that use VPN software are less exposed to online threats, but unfortunately, they represent only 15% of the total. Such threats were blocked more often on computers with VPN software.”

Engineering

Engineering VPN Software Accountability

CISA Cautions of Attacks on UPS Devices

Hacker Combat

APRIL 1, 2022

A feature adopted by a large number of manufacturers in the recent past is the addition of the internet and related features to their units. Many manufacturers, however, have incorporated internet connectivity and other capabilities into their UPS equipment in recent years to enable remote monitoring and management.

Passwords

Passwords Internet Internet Manufacturing

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Energy and Utilities

Energy and Utilities Telecommunications Technology Government

Patch now! Insecure Hikvision security cameras can be taken over remotely

Malwarebytes

SEPTEMBER 22, 2021

Hangzhou Hikvision Digital Technology Co., Hikvision is also known for its research on technologies such as visual recognition, cloud computing, and their adoption in security scenarios. In general it is a good idea not make your cameras accessible from the internet and if you do, put them behind a VPN. The vulnerability.

Firmware

Firmware Surveillance Marketing VPN

Avaddon ransomware campaign prompts warnings from FBI, ACSC

Malwarebytes

MAY 11, 2021

The FBI states that is has received notifications of unidentified cyber actors using Avaddon ransomware against US and foreign private sector companies, manufacturing organizations, and healthcare agencies. In a separate advisory (pdf) , the ACSC says it is also aware of an ongoing ransomware campaign using the Avaddon Ransomware malware.

Ransomware

Ransomware VPN Encryption Cybercrime

French authorities arrested a Russian national for his role in the Hive ransomware operation

Security Affairs

DECEMBER 14, 2023

The authorities reported that from June 2021 through at least November 2022, threat actors targeted a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware

Ransomware Cryptocurrency Cybercrime VPN

What’s most interesting about the Florida water system hack? That we heard about it at all.

Krebs on Security

FEBRUARY 10, 2021

Many facilities have not separated operational technology (the bits that control the switches and levers) from safety systems that might detect and alert on intrusions or potentially dangerous changes. Quite rarely do they have a proper VPN [virtual private network] for secure remote connection.

Hacking

Hacking Media Cybersecurity Ransomware

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

Security Affairs

MARCH 8, 2022

. “As of January 2022, the FBI has identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including entities in the critical manufacturing, energy, financial services, government, and information technology sectors,” reads the FBI’s flash alert.

Ransomware

Ransomware Financial Services Passwords VPN

Cybersecurity for a Cloud-First, Work-from-Home World

CyberSecurity Insiders

FEBRUARY 16, 2021

However, the technology already exists to protect against these threats. But when you’re a company running a business, manufacturing a product or selling a service, that’s going to be your main focus, not the cloud and not security. It’s about focus and perspective on the right solutions.

Cybersecurity

Cybersecurity IoT Malware Risk

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

Small farms, large producers, processors and manufacturers, and markets and restaurants are particularly exposed to ransomware attacks. Consider installing and using a VPN. Install and regularly update anti-virus and anti-malware software on all hosts. Only use secure networks and avoid using public Wi-Fi networks.

Ransomware

Ransomware Passwords Backups Firmware

China-linked APT Volt Typhoon exploited a zero-day in Versa Director

Security Affairs

AUGUST 27, 2024

victim in the Internet service provider (ISP), managed service provider (MSP) and information technology (IT) sectors as early as June 12, 2024.” The Volt Typhoon’s activities suggest that the group primarily aims to establish a foothold within networks to secure access to Operational Technology (OT) assets.

Energy and Utilities

Energy and Utilities Firewall Technology Malware

AT&T teams with Cisco to create new managed SASE offering

CyberSecurity Insiders

JANUARY 5, 2022

Whether organizations call it digital transformation or just using technology to create opportunities for new, easier ways to work, one thing is certain. The platform that powers the service integrates SD-WAN, secure remote access, and secure web gateway technology into a single set of consolidated levers and controls for IT and security.

Digital transformation

Digital transformation Architecture Technology DNS

Researchers released a free decryption tool for the Rhysida Ransomware

Security Affairs

FEBRUARY 12, 2024

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The victims of the group are “targets of opportunity.”

Ransomware

Ransomware Encryption VPN Manufacturing

Privacy Roundup: Week 9 of Year 2025

Security Boulevard

MARCH 3, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Privacy Services Brave iOS update brings Smart Proxy and Kill Switch AlternativeTo This has more to do with Brave's VPN service rather than its browser. The manufacturer (Hirsch) does not plan a security fix.

Surveillance

Surveillance Data breaches Firmware Encryption

Ransomware and Cyber Extortion in Q4 2024

Digital Shadows

JANUARY 14, 2025

To gain access to internal networks, Akira targeted local accounts with disabled multifactor authentication (MFA) and SonicOS firmware versions vulnerable to exploitation, often exposed to the internet for virtual private network (VPN) access.

Ransomware

Ransomware Social Engineering Phishing VPN

Hive Ransomware Tor leak site apparently seized by law enforcement

Security Affairs

JANUARY 26, 2023

The authorities reported that from June 2021 through at least November 2022, threat actors targeted a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware

Ransomware VPN Manufacturing Healthcare

China-linked APT Volt Typhoon targets critical infrastructure organizations

Security Affairs

MAY 25, 2023

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Accountability

Accountability VPN Manufacturing Firewall

FBI published a flash alert on Mamba Ransomware attacks

Security Affairs

MARCH 26, 2021

According to the flash alert published by the FBI, the Mamba ransomware was employed in attacks against local governments, public transportation agencies, legal services, technology services, industrial, commercial, manufacturing, and construction businesses. Consider installing and using a VPN.

Ransomware

Ransomware Encryption Passwords Malware

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

Cloak ransomware group hacked the Virginia Attorney General’s Office

Trending Sources

China’s Volt Typhoon botnet has re-emerged

Cring Ransomware spreading because of Fortinet vulnerability

UDP Technology IP Camera firmware vulnerabilities allow for attacker to achieve root

Threat Landscape Report: Uncovering Critical Cyber Threats to Manufacturing Sector

Rhysida ransomware gang claimed China Energy hack

SHARED INTEL: Coming very soon — ‘passwordless authentication’ as a de facto security practice

Usage of TLS in DDNS Services leads to Information Disclosure in Multiple Vendors

Iran-linked APT group Pioneer Kitten sells access to hacked networks

China-linked Flax Typhoon APT targets Taiwan

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs newsletter Round 326

Rhysida ransomware gang is auctioning data stolen from the British Library

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Google Pixel 7 and Pixel 7 Pro: The next evolution in mobile security

FBI and CISA warn of attacks by Rhysida ransomware gang

4-year old Misfortune Cookie vulnerability threatens Capsule Technologies medical gateway device

Human Factors in SCADA and IoT Security: Addressing the Biggest Vulnerability in Industrial Systems

China-linked APT Volt Typhoon linked to KV-Botnet

PseudoManuscrypt: a mass-scale spyware attack campaign

US offers $10 million reward for info on Hive ransomware group leaders

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

GUEST ESSAY: Lessons learned in 2021 as cloud services, mobility and cybersecurity collided

FBI warns of ransomware threat to food and agriculture

Which is the Threat landscape for the ICS sector in 2020?

CISA Cautions of Attacks on UPS Devices

FBI chief says China is preparing to attack US critical infrastructure

Patch now! Insecure Hikvision security cameras can be taken over remotely

Avaddon ransomware campaign prompts warnings from FBI, ACSC

French authorities arrested a Russian national for his role in the Hive ransomware operation

What’s most interesting about the Florida water system hack? That we heard about it at all.

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

Cybersecurity for a Cloud-First, Work-from-Home World

FBI warns of ransomware attacks targeting the food and agriculture sector

China-linked APT Volt Typhoon exploited a zero-day in Versa Director

AT&T teams with Cisco to create new managed SASE offering

Researchers released a free decryption tool for the Rhysida Ransomware

Privacy Roundup: Week 9 of Year 2025

Ransomware and Cyber Extortion in Q4 2024

Hive Ransomware Tor leak site apparently seized by law enforcement

China-linked APT Volt Typhoon targets critical infrastructure organizations

FBI published a flash alert on Mamba Ransomware attacks

Stay Connected