Collaborate Disseminate
Cisco has fixed a critical command injection vulnerability (CVE-2024-20418) affecting its Ultra-Reliable Wireless Backhaul (URWB) Access Points that can be exploited via a HTTP requests and allows complete compromise of the devices. There are no workar… Continue reading Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418)
BlackByte, the ransomware-as-a-service gang believed to be one of Conti’s splinter groups, has (once again) created a new iteration of its encryptor. “Talos observed some differences in the recent BlackByte attacks. Most notably, encrypted … Continue reading BlackByte affiliates use new encryptor and new TTPs
Orion S.A., a global chemical company with headquarters in Luxembourg, has become a victim of fraud: it lost approximately $60 million through “multiple fraudulently induced outbound wire transfers to accounts controlled by unknown third parties…. Continue reading Scammers dupe chemical company into wiring $60 million
Ohio-based Crown Equipment, which is among the largest industrial and forklift truck manufacturers in the world, has become a victim of a cyberattack “by an international cybercriminal organization,” the company has finally confirmed to its… Continue reading Crown Equipment cyberattack confirmed, manufacturing disrupted for weeks
Nissan Oceania has confirmed that the data breach it suffered in December 2023 affected around 100,000 individuals and has begun notifying them. First response In early December 2023, the company – a regional Nissan division which includes Nissan… Continue reading Nissan breach exposed data of 100,000 individuals
German battery manufacturer Varta was forced to shut down its IT systems and stop production as a result of a cyberattack. The Varta cyberattack The cyberattack occurred on Monday night and affected five of the company’s production plants and the… Continue reading Battery maker Varta halts production after cyberattack
Researchers have discovered over two dozen vulnerabilities in “smart” cordless nutrunners (i.e., pneumatic torque wrenches) manufactured by Bosch Rexroth that could be exploited to make the devices inoperable or their output unreliable. … Continue reading Attackers could use vulnerabilities in Bosch Rexroth nutrunners to disrupt automotive production
The manufacturing industry is embracing digital transformation to fuel efficiency and productivity. However, this evolution is accompanied by profound and growing cybersecurity challenges. In this Help Net Security video, Kory Daniels, CISO at Trustwav… Continue reading A closer look at the manufacturing threat landscape
Rockwell Automation has fixed two vulnerabilities (CVE-2023-3595, CVE-2023-3596) in the communication modules of its ControlLogix industrial programmable logic controllers (PLCs), ahead of expected (and likely) in-the-wild exploitation. “An unrel… Continue reading Unnamed APT eyes vulnerabilities in Rockwell Automation industrial contollers (CVE-2023-3595 CVE-2023-3596)
French electronics manufacturer Lacroix closed three factories as a result of a cyberattack they “intercepted” over the weekend, the company has announced on Monday. Lacroix designs and produces electronic equipment for the automotive, home… Continue reading Lacroix manufacturing facilities shut down following cyberattack