12 matches found
APT trends report Q3 2024
Kaspersky's Global Research and Analysis Team GReAT has been releasing quarterly summaries of advanced persistent threat APT activity for over seven years now. Based on our threat intelligence research, these summaries offer a representative overview of what we've published and discussed in more...
Weak Password Vulnerability in U9cloud Smart Factory of UFIDA Network Technology Co.
UFIDA U9cloud Smart Factory is an intelligent solution for the manufacturing industry, designed to help enterprises realize the digitalization and intelligence of the production process A weak password vulnerability exists in UFIDA U9cloud Smart Factory, which can be exploited by attackers to...
CL0P's Ransomware Rampage - Security Measures for 2024
2023 CL0P Growth Emerging in early 2019, CL0P was first introduced as a more advanced version of its predecessor the 'CryptoMix' ransomware, brought about by its owner CL0P ransomware, a cybercrime organisation. Over the years the group remained active with significant campaigns throughout 2020 t...
What's Wrong with Manufacturing?
In last year's edition of the Security Navigator we noted that the Manufacturing Industry appeared to be totally over-represented in our dataset of Cyber Extortion victims. Neither the number of businesses nor their average revenue particularly stood out to explain this. Manufacturing was also th...
SYS01 Stealer Targets Government and Manufacturing Industry
Threat Level Attack Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary The SYS01 stealer has been targeting critical government infrastructure employees, manufacturing companies, and other industries, and using various delivery technique...
Exploits and TrickBot disrupt manufacturing operations
September 2021 saw a huge spike of exploit detections against the manufacturing industry, with a distributed spread between California, Florida, Ohio, and Missouri. This is combined with heavy detections of unseen malware, identified through our AI engine, spiking in May as well as September 2021...
Human Resources Information Technology (eHR) Management Platform suffers from SQL Injection Vulnerability
hereinafter referred to as the same share software focuses on the manufacturing industry, commercial circulation industry, government departments, enterprises and institutions, such as a full range of management software research and development and services, with the domestic industry's well-kno...
Ransomware by the numbers: Reassessing the threat’s global impact
Kaspersky has been following the ransomware landscape for years. In the past, weve published yearly reports on the subject: PC ransomware in 2014-2016, Ransomware in 2016-2017, and Ransomware and malicious crypto miners in 2016-2018. In fact, in 2019, we chose ransomware as the story of the year,...
APT10: sophisticated multi-layered loader Ecipekac discovered in A41APT campaign
Why is the campaign called A41APT? In 2019, we observed an APT campaign targeting multiple industries, including the Japanese manufacturing industry and its overseas operations, that was designed to steal information. We named the campaign A41APT not APT41 which is derived from the host name...
SQL Injection Vulnerability in Kaixin Quote System V2.0 pr***.aspx Page
The QI Quotation System is primarily for use by manufacturing companies. For incoming BOM list price monitoring. The system will automatically record the past quoted prices of BOM products, so that the purchasing staff can easily give new quotes. A SQL injection vulnerability exists in the Qixing...
How Can Manufacturing Companies Improve Network Access and Security?
The manufacturing industry faces complex challenges other sectors of the economy need not worry about. Manufacturers rely heavily on everything from positive global economic trends to laws that lift certain burdens. And companies involved with manufacturing consistently focus on increased...
Aviation-Related Phishing Campaigns Seeking Credentials
A wave of email-based phishing campaigns is targeting airline consumers with messages that contain malware that infects systems or links to spoofed airline websites that are personalized to trick victims into handing over personal or business credentials. “Over the past several weeks, we have see...