Security News

The Kansas Judicial Branch has published an update on a cybersecurity incident it suffered last month, confirming that hackers stole sensitive files containing confidential information from its systems. In mid-October 2023, the Kansas courts authority disclosed a "Security incident" that impacted the availability of multiple systems, including the eFiling system attorney's use for document submission, electronic payment systems, and the case management systems used by district and appellate courts.

The Rhysida ransomware gang has claimed responsibility for a cyberattack on the British Library in October, which has caused a major ongoing IT outage. A leak of HR documents stolen from the British Library was also confirmed today by the library's press office, which warned users to reset their passwords as a precautionary measure.

The Californian City of Long Beach is warning that they suffered a cyberattack on Tuesday that has led them to shut down portions of their IT network to prevent the attack's spread. Long Beach is the home to approximately 460,000 people and is the seventh most populous city in California. Yesterday, the City of Long Beach warned that it suffered a cyberattack on November 14th and engaged a cybersecurity firm to investigate the incident and notified the FBI. The City says that once it detected the attack, it began to take systems offline immediately, which is done to prevent the spread of the attack to other devices.

The Clorox Company's chief security officer has left her job in the wake of a corporate network breach that cost the manufacturer hundreds of millions of dollars. Amy Bogac held the title of chief information security officer and VP of enterprise security and infrastructure at Clorox since June 2021, per her LinkedIn profile.

PJ&A is warning that a cyberattack in March 2023 exposed the personal information of almost nine million patients. The data exposed for each person varies depending on what information they provided to the healthcare services and the type of treatment they received.

"Our research found that there's much room for improvement in how global organizations can protect and manage their entire attack surface. It's not a question of if, but when, an attack will occur - especially against critical infrastructure that society so heavily relies upon." Employees increasingly are using their own assets in business environments, with clear gaps in the enforcement of BYOD policies: 22% of respondents report having an official BYOD policy that is not enforced across all employees, 23% say they either have guidelines that employees are encouraged to follow or admit they don't have any policies or guidelines around BYOD. Organizations, on average, can only account for around 60% of their assets when it comes to knowing things like asset location or the support status of these assets.

The Danish energy sector has suffered what is believed to be the most extensive cyberattack in Danish history, according to SektorCERT. Danish energy sector under attack. From this vantage point, in May 2023, they detected three waves of attacks targeting companies in the energy sector.

Mandiant, a cybersecurity company owned by Google, has revealed the details of a 2022 cyberattack run by Russian threat actor Sandworm. The threat group then accessed the OT environment "Through a hypervisor that hosted a Supervisory Control And Data Acquisition management instance for the victim's substation environment," according to Mandiant researchers, who stated the attacker potentially had access to the SCADA system for up to three months.

A cyberattack on international logistics firm DP World Australia has severely disrupted the regular freight movement in multiple large Australian ports. DP World has an annual revenue of over $10 billion and specializes in cargo logistics, port terminal operations, maritime services, and free trade zones.

Danish critical infrastructure faced the biggest online attack in the country's history in May, according to SektorCERT, Denmark's specialist organization for the cybersecurity of critical kit. Zyxel firewalls are used extensively by the organizations protected by SektorCERT and the vulnerabilities in these, announced in April, which allow remote attackers to gain complete control of the firewall without authentication, were blamed for most of the attacks.