Krispy Kreme Doughnut Delivery Gets Cooked in Cyberattack

December 11, 2024 at 05:38PM
Krispy Kreme experienced a cybersecurity incident affecting online ordering while retail operations remain unaffected. An SEC filing revealed unauthorized access to its IT systems, prompting ongoing investigations and external expert assistance. The company anticipates material business impact, though losses may be mitigated by cyber insurance. Customer data compromise remains unconfirmed.

Cleo Vulnerability Exploitation Linked to Termite Ransomware Group

December 11, 2024 at 07:41AM
The newly identified ransomware group Termite appears responsible for exploiting a vulnerability in Cleo’s file transfer software. This issue allows unauthorized file access and potential remote code execution, affecting around 1,700 servers, primarily in the US retail sector. Cleo plans to release a fix for the vulnerability soon.

Cleo File Transfer Tool Vulnerability Exploited in Wild Against Enterprises

December 10, 2024 at 09:48AM
Huntress warned of an exploited vulnerability (CVE-2024-50623) in Cleo’s file transfer products, affecting over 1,700 servers, mostly in consumer and shipping sectors. A patch was released, but it failed to secure systems, allowing unauthorized access and persistent threats. Cleo plans to release a new patch shortly.

Ransomware attack hits leading heart surgery device maker

December 9, 2024 at 06:03PM
Artivion experienced a ransomware attack on November 21, disrupting operations and forcing some systems offline. The company is investigating the incident, involving external advisors, and has reported data encryption and theft. While most operational disruptions have been addressed, additional costs are expected, and no ransom demands have yet been claimed.

Compromised Software Code Poses New Systemic Risk to U.S. Critical Infrastructure

December 9, 2024 at 02:19PM
A new report by Fortress Information Security reveals significant vulnerabilities in software powering U.S. utilities, with hundreds highly exploitable. 25% of components used are from Chinese developers, posing security risks. The report emphasizes the need to identify and eliminate compromised code to safeguard critical infrastructure from potential attacks.

Blue Yonder ransomware termites claim credit

December 8, 2024 at 10:10PM
The Termite ransomware gang claimed responsibility for a ransomware attack on Blue Yonder, stealing 680GB of data. Blue Yonder’s operations were disrupted, affecting clients like Starbucks and UK grocery chains. Additionally, a Nigerian scammer received eight years in prison for a business email compromise scheme that stole over $6 million.

Discover the future of Linux security

December 2, 2024 at 09:52AM
Red Hat invites IT professionals to the State of Linux Security Symposium 2024 on December 10th, 10am PT/1pm ET. The event covers security principles, supply chain protection, and the benefits of Red Hat Enterprise Linux, featuring real-world insights and collaboration strategies for enhancing Linux infrastructure security. Sign up to participate.

China’s Cyber Offensives Built in Lockstep With Private Firms, Academia

November 22, 2024 at 09:51AM
Research reveals that numerous private cybersecurity firms and universities are aiding China in developing offensive cyber capabilities to support military and economic ambitions. This collaboration enhances cyberattacks, particularly against U.S. infrastructure, raising concerns about China’s persistent cyber threats and the complex ecosystem involving state and non-state actors.

African Reliance on Foreign Suppliers Boosts Insecurity Concerns

November 20, 2024 at 03:08AM
For five years, the African Union’s headquarters faced espionage, with data uploaded to China-based systems. As reliance on foreign technology increases, African nations aim to enhance local tech capabilities, seeking independence from external influences. The focus is on balancing investment needs with security risks associated with foreign supply chains.

Deepen your knowledge of Linux security

November 18, 2024 at 09:51AM
On December 10th at 10am PT/1pm ET, Red Hat will host the State of Linux Security Symposium 2024, offering IT professionals insights on securing Linux environments. Featuring six sessions, topics include security practices, supply chain safeguards, and RHEL benefits. Register now to enhance your Linux security knowledge.