Security News

Federal law enforcement is now looking into a cyberattack at a water treatment plant in Oldsmar, FL where someone was able to remotely access systems and add a dangerous amount of chemicals to the town's water supply. On Monday, Pinellas County Sheriff Bob Gualtieri explained during a press conference that an employee at Oldsmar's water treatment facility saw his mouse moving independently of him on Friday morning but thought nothing of it-it's common for people in the field to remotely access systems through their TeamViewer software.

Spotify streaming music aficionados are in the crosshairs of yet another credential-stuffing cyberattack, just three months after the last one. Back in November, cybercriminals attacked hundreds of thousands of Spotify users utilizing this approach, prompting the streaming music service to issue password-reset notices.

Austria-based crane manufacturer Palfinger on Monday informed customers that its IT infrastructure suffered serious disruptions as a result of an "Ongoing global cyber attack." "Currently, the PALFINGER AG and the majority of its sites are the target of an ongoing global cyber-attack with massive effects on its IT infrastructure. The extent and consequences of the attack cannot be assessed at this time, but intensive efforts are being made to find a solution," reads a message currently greeting users who access the company's website.

A coastal South Carolina county says hackers broke into its computer network over the weekend. A statement from Georgetown County's local government Monday said the county's computer network "Suffered a major infrastructure breach over the weekend." Most of the county's electronic systems, including emails, were impacted.

Leading crane and lifting manufacturer Palfinger is targeted in an ongoing cyberattack that has disrupted IT systems and business operations. Palfinger is a leading maker of crane and lifting solutions commonly used for construction, and land and sea lifting, loading, and handling solutions.

The Russian government has issued a security warning to organizations in Russia about possible retaliatory cyberattacks by the USA for the SolarWinds breach. The US government believes that this attack was conducted by a Russian state-sponsored hacking group whose goal was to steal cloud data such as email and files from high profile US corporations and government agencies.

The CHwapi hospital in Belgium is suffering from a cyberattack where threat actors claim to have encrypted 40 servers and 100 TB of data using Windows Bitlocker. On Sunday, CHwapi suffered an attack that caused the hospital to redirect patients to other hospitals and delay surgical procedures.

Such attacks often occur when employees work remotely and use a mixture of personal and business devices to access cloud services. Organizations with remote workers who use cloud-based services are being warned of several recent successful cyberattacks against those services.

Organizations frequently only apply access controls to humans, despite the risks associated with cyberattacks and data breaches linked to non-human workers and their privileged access to sensitive information. Organizations must track and manage the lifecycle approach to non-human workers.

The Reserve Bank of New Zealand - Te Pūtea Matua - says Accellion's FTA file sharing service was involved in a security incident disclosed on Sunday. The malicious incident, the bank said, involved a service that stored commercially and personally sensitive information, but could not provide specific details on the type of data that might have been accessed.