Security News
A recent "large scale" cyberattack targeting top Polish politicians was launched from Russia, Jaroslaw Kaczynski, the leader of Poland's governing right-wing party, said on Friday. "Analyses by our services and the secret services of our allies allow us to unequivocally say that the cyberattack was carried out from the territory of the Russian Federation," Kaczynski said in a statement.
Carnival Corp., the world's largest cruise-ship operator, has sprung another leak: For the second time in a year, attackers have breached email accounts and accessed personal, financial and health information belonging to guests, employees and crew. Fifteen months ago, in March 2020, Carnival Cruise Lines disclosed that it was hit with a data breach: Threat actors accessed names, addresses, Social Security numbers, passport numbers or driver's-license numbers, credit-card and financial account information, and health-related information.
The cyber assault on Air India that came to light last month lasted for a period of at least two months and 26 days, new research has revealed, which attributed the incident with moderate confidence to a Chinese nation-state threat actor called APT41. On May 21, India's flag carrier airline, Air India, disclosed a data breach affecting 4.5 million of its customers over a period stretching nearly 10 years in the wake of a supply chain attack directed at its Passenger Service System provider SITA earlier this February.
A communiqué issued at the conclusion of the NATO summit has called for China to observe the laws of cyberspace, and set out new standards by which members of the alliance will consider cyberattacks. The document treats both Russia and China as threats.
The cyberattack on SITA that impacted multiple airlines around the world was orchestrated by a Chinese nation-state threat actor tracked as APT41, security researchers at detection and prevention firm Group-IB say. Air India revealed that the attack was related to SITA PSS, which processes personally identifiable information.
The restaurant chain reportedly said no U.S. customer data was exposed and the attack did not involve ransomware. McDonald's is the latest company to fall victim to a cyberattack exposing customer and other data in the U.S., Taiwan and China, The Wall Street Journal has reported.
The U.S. Department of Justice this week announced charges against Vikas Singla, the chief operating officer of a metro-Atlanta cybersecurity company, for allegedly targeting the Gwinnett Medical Center in a disruptive cyberattack. Singla, 45, of Marietta, Georgia, allegedly targeted the medical center in 2018, disrupting phone and network printer services, and gaining access to information.
The former chief operating officer of Securolytics, a network security company providing services for the health care industry, was charged with allegedly conducting a cyberattack on Georgia-based Gwinnett Medical Center. 45-year-old Vikas Singla supposedly disrupted the health provider's Ascom phone service and network printer service and obtained information from a Hologic R2 Digitizer digitizing device in September 2018.
Cisco's Talos team said 35% of incidents led back to Microsoft Exchange Server vulnerabilities reported early in 2021, but new ransomware families have been appearing to fill the Emotet hole, too. Cisco's Talos Intelligence Group has released its incident response trends report for spring 2021, and found that Microsoft Exchange Server vulnerabilities reported in early 2021 were the most detected incident over the past three months.
Meat processing company JBS on Wednesday confirmed it paid extortionists $11 million in bitcoins to regain access to its systems following a destructive ransomware attack late last month. "In consultation with internal IT professionals and third-party cybersecurity experts, the company made the decision to mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated," JBS USA said in a statement, with CEO Andre Nogueira adding the firm made the "very difficult decision" to prevent any potential risk for its customers.