Security News

French electronics manufacturer Lacroix closed three factories as a result of a cyberattack they "Intercepted" over the weekend, the company has announced on Monday. During the night of May 12 to May 13, the company has blocked a cyberattack on its French, German and Tunisian sites, while other sites have been secured.

The Philadelphia Inquirer daily newspaper is working on restoring systems impacted by what was described as a cyberattack that hit its network over the weekend. "We appreciate everyone's patience and understanding as we work to fully restore systems and complete this investigation as soon as possible," a spokesperson for Inquirer publisher Lisa Hughes said.

Geographically speaking, the most concerned CISOs are located in the U.K., Germany and Singapore, with the U.S. being at 73%. Regarding the business verticals, CISOs in retail, manufacturing and finance feel the most concerned about cyberattacks. CISOs consider business email compromise as the biggest threat to their organizations for the next 12 months.

Sysco, a leading global food distribution company, has confirmed that its network was breached earlier this year by attackers who stole sensitive information, including business, customer, and employee data. "On March 5, 2023, Sysco became aware of a cybersecurity event perpetrated by a threat actor believed to have begun on January 14, 2023, in which the threat actor gained access to our systems without authorization and claimed to have acquired certain data," Sysco added in data breach notification letters sent to some of the affected individuals.

Western Digital has taken its store offline and sent customers data breach notifications after confirming that hackers stole sensitive personal information in a March cyberattack. The company emailed the data breach notifications late Friday afternoon, warning that customers' data was stored in a Western Digital database stolen during the attack.

Users of Advanced Custom Fields plugin for WordPress are being urged to update version 6.1.6 following the discovery of a security flaw. "This vulnerability allows any unauthenticated user from stealing sensitive information to, in this case, privilege escalation on the WordPress site by tricking a privileged user to visit the crafted URL path," Patchstack researcher Rafie Muhammad said.

The North Korean state-sponsored threat actor known as Kimsuky has been discovered using a new reconnaissance tool called ReconShark as part of an ongoing global campaign. Active since at least 2012, the prolific threat actor has been linked to targeted attacks on non-governmental organizations, think tanks, diplomatic agencies, military organizations, economic groups, and research entities across North America, Asia, and Europe.

We've written about the uncertainty of Apple's security update process many times before. Rapid Security Responses are a new type of software release for iPhone, iPad, and Mac.

German IT services provider Bitmarck has shut down all of its customer and internal systems, including entire datacenters in some cases, following a cyberattack. The service provider doesn't yet have a timeline for when it expects to have all of its systems back up and running.

The leak comes after the threat actor warned Western Digital on April 17th that they would hurt them until they "Cannot stand anymore" if a ransom was not paid. On March 26th, Western Digital suffered a cyberattack where threat actors breached its internal network and stole company data.