Security Affairs
Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Hackers penetrated NEC defense business division in 2016

Japanese electronics and IT giant NEC confirmed a security breach suffered by its defense business division in December 2016. The IT giant NEC confirmed that the company defense business division has suffered a security breach back in December 2016. The Japanese firm confirmed the unauthorized access to its internal network after Japanese newspapers disclosed the security […]

Xsolis

Japanese electronics and IT giant NEC confirmed a security breach suffered by its defense business division in December 2016.

The IT giant NEC confirmed that the company defense business division has suffered a security breach back in December 2016.

The Japanese firm confirmed the unauthorized access to its internal network after Japanese newspapers disclosed the security incident citing sources informed of the event.

NEC is a contractor for Japan’s defense industry and was involved in various defense projects.

Roughly 28,000 files were found by the company on one of the compromised servers, some of them containing info about defense equipment.

“In July 2018, we succeeded in decrypting encrypted communication with an infected server and an external server that was performing unauthorized communication, and stored it on our internal server for information sharing with other departments used by our defense business division 27,445 files were found to have been accessed illegally.

As a result of investigations conducted by the Company and external specialized organizations, no damage such as information leakage has been confirmed so far.” reads the statement from the company.

“These files do not contain confidential information or personal information. In addition, since July 2018, the situation has been individually explained to customers related to files that have been accessed illegally,”

The situation is different according to the Nikkei newspaper that reported that the Japanese Ministry of Defense said that the exposed files contained “information on contracts with NEC, not defense secrets, and there is no impact on Japan’s defense system.”

NEC was informed of the intrusion in July 2017 by a security company contracted by the electronics company to investigate alleged unauthorized accesses to the internal network.

In July 2018, the company was able to decrypt unauthorized communications between an internal server and an external machine and discovered further compromise.

NEC announced it has taken steps to improve the security of its infrastructure and prevent future intrusions.

Recently another Japanese multinational electronics giant disclosed a data breach, last week Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data. According to the company, attackers did not obtain sensitive information about defense contracts.

The breach was detected almost eight months ago, on June 28, 2019, with the delay being attributed to the increased complexity of the investigation caused by the attackers deleting activity logs. Mitsubishi Electric disclosed the security incident only after two local newspapers, the Asahi Shimbun and Nikkei, reported the security breach.

The attackers have exploited a directory traversal and arbitrary file upload vulnerability, tracked as CVE-2019-18187, in the Trend Micro OfficeScan antivirus.

Trend Micro has now addressed the vulnerability, but we cannot exclude that the hackers have exploited the same issue in attacks against other targets. After the security firm patched the CVE-2019-18187 flaw in October, it warned customers that the issue was being actively exploited by hackers in the wild.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – NEC, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]