Security News

JBS Foods, a leading food company and the largest meat producer globally, had to shut down production at multiple sites worldwide following a cyberattack. The incident impacted multiple JBS production facilities worldwide over the weekend, including those from the United States, Australia, and Canada.

Over the past year, an Iran-linked threat actor named Agrius has been observed launching destructive attacks on Israeli targets, under the disguise of ransomware attacks, according to endpoint security company SentinelOne. Likely state-sponsored, the threat group initially engaged in cyberespionage attacks, but then attempted to extort victims, claiming to have exfiltrated and encrypted data.

A series of high-profile cyberattacks on targets in the West have highlighted the vulnerability of companies and institutions, making the issue a higher public priority but with no easy solution. The attack saw its computer systems encrypted, putting its operations offline and causing fuel shortages for American drivers.

Today, Cato Networks has released an analysis of the network flows across its platform during Q1, 2021, seeking anomalous behavior in approximately 200 billion traffic flows during Q1, 2021. "Blocking network traffic to and from 'the usual suspects' may not necessarily make your organization more secure," comments Etay Maor, senior director of security strategy at Cato Networks.

From paralysing the internet in Estonia to a $4.4-million ransom being paid last week after the shutdown of a major US pipeline, we take a look back at 15 years of cyberattacks. The Baltic nation of Estonia was the first state hit by a massive cyberattack in 2007, paralysing key corporate and government web services for days.

The incidents of the past month have confirmed the lack of cyber resilience in many industrial companies and is another reminder of the benefits of zero trust in mitigating the effects of ransomware. The industrial community must improve resilience in operational networks using zero trust strategies.

Microsoft has released SimuLand, an open-source lab environment to help test and improve Microsoft 365 Defender, Azure Defender, and Azure Sentinel defenses against real attack scenarios. SimuLand test labs "Provide use cases from a variety of data sources including telemetry from Microsoft 365 Defender security products, Azure Defender, and other integrated data sources through Azure Sentinel data connectors," MSTIC Threat Researcher Roberto Rodriguez said.

Glass and metal packaging giant Ardagh Group this week disclosed a cyberattack that forced it to shut down certain systems and applications. The Luxembourg-based company, one of the largest producers of glass and metal packaging products, says it was able to safely continue operations at its facilities despite the incident.

Neal Dennis: There's a lot of good things out there that are kind of one-offs, or staging one-offs, when the campaigns in the cyberwar kick off. You're kind of out in front of the threats as a community.

The European Council this week announced its decision to extend for one year the framework for sanctions against cyberattacks that threaten the European Union and its member states. Established in 2017, the framework allows member states to take restrictive measures against cyberattacks, including to prevent, discourage, deter and respond to malicious activities.