Security News
The Californian City of Long Beach is warning that they suffered a cyberattack on Tuesday that has led them to shut down portions of their IT network to prevent the attack's spread. Long Beach is the home to approximately 460,000 people and is the seventh most populous city in California. Yesterday, the City of Long Beach warned that it suffered a cyberattack on November 14th and engaged a cybersecurity firm to investigate the incident and notified the FBI. The City says that once it detected the attack, it began to take systems offline immediately, which is done to prevent the spread of the attack to other devices.
The Clorox Company's chief security officer has left her job in the wake of a corporate network breach that cost the manufacturer hundreds of millions of dollars. Amy Bogac held the title of chief information security officer and VP of enterprise security and infrastructure at Clorox since June 2021, per her LinkedIn profile.
PJ&A is warning that a cyberattack in March 2023 exposed the personal information of almost nine million patients. The data exposed for each person varies depending on what information they provided to the healthcare services and the type of treatment they received.
"Our research found that there's much room for improvement in how global organizations can protect and manage their entire attack surface. It's not a question of if, but when, an attack will occur - especially against critical infrastructure that society so heavily relies upon." Employees increasingly are using their own assets in business environments, with clear gaps in the enforcement of BYOD policies: 22% of respondents report having an official BYOD policy that is not enforced across all employees, 23% say they either have guidelines that employees are encouraged to follow or admit they don't have any policies or guidelines around BYOD. Organizations, on average, can only account for around 60% of their assets when it comes to knowing things like asset location or the support status of these assets.
The Danish energy sector has suffered what is believed to be the most extensive cyberattack in Danish history, according to SektorCERT. Danish energy sector under attack. From this vantage point, in May 2023, they detected three waves of attacks targeting companies in the energy sector.
Mandiant, a cybersecurity company owned by Google, has revealed the details of a 2022 cyberattack run by Russian threat actor Sandworm. The threat group then accessed the OT environment "Through a hypervisor that hosted a Supervisory Control And Data Acquisition management instance for the victim's substation environment," according to Mandiant researchers, who stated the attacker potentially had access to the SCADA system for up to three months.
A cyberattack on international logistics firm DP World Australia has severely disrupted the regular freight movement in multiple large Australian ports. DP World has an annual revenue of over $10 billion and specializes in cargo logistics, port terminal operations, maritime services, and free trade zones.
Danish critical infrastructure faced the biggest online attack in the country's history in May, according to SektorCERT, Denmark's specialist organization for the cybersecurity of critical kit. Zyxel firewalls are used extensively by the organizations protected by SektorCERT and the vulnerabilities in these, announced in April, which allow remote attackers to gain complete control of the firewall without authentication, were blamed for most of the attacks.
Ace Hardware confirmed that a cyberattack is preventing local stores and customers from placing orders as the company works to restore 196 servers. Ace Hardware is a hardware store retailer-owned cooperative that operates 17 distribution centers and 5,700 shops across the United States, China, Panama, and the UAE. The cooperative employs 12,500 people and has an annual revenue that surpasses $9 billion.
The Securities and Exchange Commission brought charges against both Austin, TX-based information security software company SolarWinds and its CISO Timothy G. Brown on October 30. The SEC alleges that between SolarWinds' October 2018 initial public offering and the December 2020 announcement of the large-scale cyberattack, SolarWinds and Brown specifically " defrauded investors by overstating SolarWinds' cybersecurity practices and understating or failing to disclose known risks.