Security News
A 28-year-old former IT employee of an Oxford-based company has been convicted of blackmailing his employer and unauthorized access to a computer with intent to commit other offences, after pleading guilty during a hearing at Reading Crown Court, England. The man was employed as an IT Security Analyst when, on February 27, 2018, the company suffered a cyber security incident that resulted in the attacker gaining unauthorized access to part of the company's computer systems.
The Cuba ransomware gang has claimed responsibility for this month's cyberattack on The Philadelphia Inquirer, which temporarily disrupted the newspaper's distribution and disrupted some business operations. The Philadelphia Inquirer is Philadelphia's largest newspaper.
French electronics manufacturer Lacroix closed three factories as a result of a cyberattack they "Intercepted" over the weekend, the company has announced on Monday. During the night of May 12 to May 13, the company has blocked a cyberattack on its French, German and Tunisian sites, while other sites have been secured.
The Philadelphia Inquirer daily newspaper is working on restoring systems impacted by what was described as a cyberattack that hit its network over the weekend. "We appreciate everyone's patience and understanding as we work to fully restore systems and complete this investigation as soon as possible," a spokesperson for Inquirer publisher Lisa Hughes said.
Geographically speaking, the most concerned CISOs are located in the U.K., Germany and Singapore, with the U.S. being at 73%. Regarding the business verticals, CISOs in retail, manufacturing and finance feel the most concerned about cyberattacks. CISOs consider business email compromise as the biggest threat to their organizations for the next 12 months.
Sysco, a leading global food distribution company, has confirmed that its network was breached earlier this year by attackers who stole sensitive information, including business, customer, and employee data. "On March 5, 2023, Sysco became aware of a cybersecurity event perpetrated by a threat actor believed to have begun on January 14, 2023, in which the threat actor gained access to our systems without authorization and claimed to have acquired certain data," Sysco added in data breach notification letters sent to some of the affected individuals.
Western Digital has taken its store offline and sent customers data breach notifications after confirming that hackers stole sensitive personal information in a March cyberattack. The company emailed the data breach notifications late Friday afternoon, warning that customers' data was stored in a Western Digital database stolen during the attack.
Users of Advanced Custom Fields plugin for WordPress are being urged to update version 6.1.6 following the discovery of a security flaw. "This vulnerability allows any unauthenticated user from stealing sensitive information to, in this case, privilege escalation on the WordPress site by tricking a privileged user to visit the crafted URL path," Patchstack researcher Rafie Muhammad said.
The North Korean state-sponsored threat actor known as Kimsuky has been discovered using a new reconnaissance tool called ReconShark as part of an ongoing global campaign. Active since at least 2012, the prolific threat actor has been linked to targeted attacks on non-governmental organizations, think tanks, diplomatic agencies, military organizations, economic groups, and research entities across North America, Asia, and Europe.
We've written about the uncertainty of Apple's security update process many times before. Rapid Security Responses are a new type of software release for iPhone, iPad, and Mac.