Manufacturing industries targeted, Senator Victimizes Deepfake ,Kia owners beware
Here comes the new month of October, and threat actors have already started their malicious activities. Week 1 news snippets are all about the latest trends in the world of cyberattacks—be it ransomware attacks, deep fake attacks, or remote hacks. Staying aware of these attacks is the only way to strengthen your cybersecurity mechanism and protect your sensitive data from these threat actors.
Without wasting any more time, let’s start with a fresh dose of cybersecurity bulletins.
Here you go!
Ransomware groups consider manufacturing industries to be their primary target!
Ransomware groups have a knack for manufacturers as this industry is considerably slow when it comes to technological advancements. The manufacturing sector alone accounts for about 21% of the ransomware attacks. The survey examined a total of 5,000 companies, out of which around 80% of manufacturing companies are prone to critical CVSS-rated vulnerabilities.
This significantly increases the risk for third-party stakeholders.
The threat actors love the fact that the manufacturing sector has a close connection with leading global supply chains. That’s why this sector serves as a treasure trove of vital data for ransomware groups.
It is high time that manufacturing enterprises take cognizance of the vulnerabilities and take remedial steps to strengthen their security mechanisms. Thus, companies must start with patch management. Organizations should also pay special attention to their exposed credentials.
They must make extra efforts to secure their web applications to prevent falling prey to ransomware groups. The right cybersecurity measures will enable the global manufacturing sector to grow digitally without compromising its data.
US Senator falls prey to deep fake operation!
In a shocking turn of events, Ben Cardin, the US Senator, faced a deep fake attack last month. The attackers were partly successful in duping the Senator. Cardin’s office received an official email, which they believed came from Dmytro Kuleba, the former Ukranian Minister of Foreign Affairs. Cardin and Kuleba had also met in person in past meetings.
Cardin soon met with Kuleba via a Zoom call. It was a sort of live audio-video connection that Cardin’s security officer found suspicious. They believe that something about that Zoom meeting was wrong; the audio and video were not consistent. But what gave the threat actors away were the suspicious, politically charged questions such as, ‘Do you support long-range missiles into Russian territory? I need to know your answer.’
Such questions made Cardin and his security team suspicious. The threat actor on the other side of the screen kept trying to persuade the Senator to comment on significant political issues. Soon, the Senator and his staff dropped the call and connected with the Department of State for verification. They confirmed that Kuleba was not behind the screen.
Implement SPF, DKIM, and DMARC to secure your email domain and ensure that only authorized senders can use your domain, helping to prevent phishing and spoofing attacks.
Cardin described the unfortunate incident as a vicious cyberattack by someone persistently trying to coax out some vital details from the Senator. Relevant authorities have jumped into action and are carrying out a full-fledged investigation.
Deep fake attacks can pose severe risks to organizations, including financial loss, corporate espionage, and reputational damage. Such attacks may even threaten national security and affect democratic operations.
It’s scary to know that more threat actors are attempting deep fake scams to create a sense of chaos and panic worldwide.
Beware of remote hacking if you are a proud Kia owner!
A car enthusiast checks each and every feature before buying their dream car. But not even in their faintest dreams do they realize that their car can be susceptible to cyberattacks.
Millions of Kia owners were ignorant of the fact that their vehicles are prone to remote hacking. The automobile company fixed this issue back in Mid-August after being alerted by multiple security researchers.
The glitch highlights the increasing vulnerability of modern-day vehicles to cyberattacks.
Sam Curry, an independent researcher, mentioned about the Kia vulnerability for the first time in his report. The report showed how any threat actor could misuse the vulnerability and manipulate it to remotely lock and unlock Kia vehicles. Remote hacking would have allowed them to perform other activities such as start and shut down engines, activate the horn, headlights and so on.
Hackers could also go as far as accessing the owner’s account and locking them out of their own car.
Experts believe that automotive vendors have been behaving irresponsibly when it comes to cybersecurity. They are highly irked out because of the lack of ample security measures, thereby posing direct threats to the car owners and passengers. Experts believe that the risk of an average car driver has shifted from merely losing their car key to losing their user account and car access because of the careless mistakes of the automobile manufacturers.