Ransomware Attack on Blue Yonder Hits Starbucks, Supermarkets

November 25, 2024 at 05:32PM A ransomware attack on Blue Yonder affected major retailers and manufacturers, notably disrupting operations for UK supermarkets Morrisons and Sainsbury’s. The incident underscores heightened cybersecurity risks during the holiday season, as organizations often reduce staffing and defenses. Experts recommend maintaining adequate staffing and strong cyber hygiene practices year-round. ### Key … Read more

The story behind the Health Infrastructure Security and Accountability Act

October 29, 2024 at 12:11PM In February 2024, Change Healthcare suffered a ransomware attack, impacting 110 million individuals and exposing sensitive data. The incident prompted U.S. Senate legislation, the Health Infrastructure Security and Accountability Act (HISAA), aiming to enforce stricter cybersecurity standards in healthcare. HISAA includes compliance audits and funding for enhanced security. ### Meeting … Read more

Microsoft: Schools Grapple With Thousands of Cyberattacks Weekly

October 14, 2024 at 04:15PM Microsoft’s report highlights the rising cybersecurity risks faced by K-12 and higher education institutions, often targeted due to their valuable private data. Challenges include limited security staffing, vulnerable IT systems, and young users’ lack of cybersecurity awareness. Effective protective measures include enhancing cyber hygiene and centralized technology monitoring. ### Meeting … Read more

NSA Releases 6 Principles of OT Cybersecurity

October 2, 2024 at 07:10PM The National Security Agency and international cybersecurity agencies released “Principles of Operational Technology Cyber Security,” outlining six principles to safeguard critical infrastructure. These principles stress the paramount importance of safety, knowledge of the business, protecting OT data, segmenting OT networks, securing the supply chain, and ensuring a skilled cybersecurity workforce. … Read more

North Korean APT Bypasses DMARC Email Policies in Cyber-Espionage Attacks

September 19, 2024 at 09:01PM Geopolitical tensions have led to a surge in cyberattacks on US and allied organizations by North Korean cyber-espionage group Kimsuky. The group has successfully exploited poorly configured DMARC policies for spear-phishing campaigns targeting high-profile individuals and organizations. Ensuring properly configured DMARC is critical to defend against these attacks and protect … Read more

#StopRansomware: RansomHub Ransomware

August 29, 2024 at 01:53PM Summary: The FBI, CISA, MS-ISAC, and HHS have released a joint Cybersecurity Advisory to disseminate information about RansomHub ransomware, including its tactics, techniques, and procedures. The advisory includes details on the ransomware’s impact, mitigation recommendations for network defenders, technical details, and further resources to protect against ransomware threats. Based on … Read more

Are 2024 US Political Campaigns Prepared for the Coming Cyber Threats?

August 16, 2024 at 01:54PM Cyber threats to the 2024 US elections have recently surged, posing a significant risk. Incidents include a Telegram bot targeting Democratic party credentials, false accusations involving AI, and phishing emails sent to presidential campaigns. Campaigns face similar security risks to other organizations, but new finance rules allow for external cybersecurity … Read more

RansomHub Group Deploys New EDR-Killing Tool in Latest Cyber Attacks

August 15, 2024 at 07:33AM A cybercrime group linked to RansomHub ransomware has been using a new tool, EDRKillShifter, to disable endpoint detection and response software on compromised hosts. This tool is a delivery mechanism for vulnerable drivers and can deliver different driver payloads. It’s important to keep systems updated and enable tamper protection in … Read more

Ransomware Gangs Exploit ESXi Bug for Instant, Mass Encryption of VMs

July 30, 2024 at 04:12PM Ransomware groups are exploiting an authentication bypass bug (CVE-2024-37085) in VMware ESXi, giving them significant access and enabling rapid malware deployment. Broadcom has issued a fix. ESXi hypervisors inadvertently grant full administrative access to any AD domain group called “ESX Admins.” Hackers find hypervisors alluring due to their complexity and … Read more

Canadian Startup Protexxa Attracts $10 Million Series A Financing

July 23, 2024 at 02:45PM Canadian cybersecurity startup Protexxa completed a $10 million Series A funding round, raising its total to $15 million. The investment from Bell Ventures, Bell Canada, and Sandpiper Ventures, along with others, will support the advancement of its AI-powered security platform, global expansion, and enhancement of its enterprise solution for various … Read more