Security News

IKEA is battling an ongoing cyberattack where threat actors are targeting employees in internal phishing attacks using stolen reply-chain emails. A reply-chain email attack is when threat actors steal legitimate corporate email and then reply to them with links to malicious documents that install malware on recipients' devices.

The software industry does not currently track the source of all code, nor does it grade the level of security standards applied in these international code factories. Establish a grading scale to rate each piece of code to more effectively determine the risk a company is inheriting from the code.

Vestas Wind Systems, a leader in wind turbine manufacturing, has shut down its IT systems after suffering a cyberattack. Vestas is a leading North American manufacturer, installer, and servicing company for wind turbines, with 40,000 MW installed and 36,000+ MW under service in the U.S. and Canada.

The U.S. Department of Justice has unsealed charges against two Iranian nationals for cyberattacks against the U.S. 2020 presidential campaign, and there's a $10 million reward offered for information on their activities. Kazemi and Kashian allegedly breached at least one state election website and attempted to access 110 others, sent threatening emails to voters, distributed a disinformation video about election infrastructure vulnerabilities, and gained access to a U.S. media company's network, according to law enforcement.

US federal bank regulatory agencies have approved a new rule ordering banks to notify their primary federal regulators of significant computer-security incidents within 36 hours. Banks are only required to report major cyberattacks if they have or will likely impact their operations, the ability to deliver banking products and services, or the US financial sector's stability.

US federal bank regulatory agencies have approved a new rule ordering banks to notify their primary federal regulators of significant computer-security incidents within 36 hours. Banks are only required to report major cyberattacks if they have or will likely impact their operations, the ability to deliver banking products and services, or the US financial sector's stability.

As has been reported, approximately 60% of SMBs go out of business within six months of getting hacked. While the pandemic forced many SMBs to scale back their operations, cyberattacks actually increased throughout 2020 and 2021 for small and midsize businesses.

Midsize companies often lack the staff, expertise and expensive tools needed to defend themselves against attack, says security provider Coro. To generate its new report, named "The Great Cyber Security Market Failure and the Tragic Implications for Mid-Sized Companies," Coro analyzed information on more than 4,000 midsize companies across six industries: retail, manufacturing, professional services, healthcare, transportation and education.

The survey, conducted by The Harris Poll among more than 700 American adults who currently play online games, found that 47% of American gamers have experienced a cyberattack to their gaming account or device. 23% U.S. gamers are likely to hack into the gaming account of a friend, family member or romantic partner if they knew it would give them a competitive advantage in an online game.

On Saturday, spam tracker Spamhaus tweeted that it had learned of "Scary" emails being sent purportedly from the FBI and Department of Homeland Security. Though the emails were sent from a portal owned by the FBI and DHS, Spamhaus said that the messages themselves were fake.