Security News

Sportswear manufacturer Puma was hit by a data breach following the ransomware attack that hit Kronos, one of its North American workforce management service providers, in December 2021. The data breach notification filed with several attorney generals' offices earlier this month says the attackers also stole personal information belonging to Puma employees and their dependents from the Kronos Private Cloud cloud environment before encrypting the data.

Customers including Tesla, PepsiCo and NYC transit workers are filing lawsuits over the "Real pain in the rear end" of manual inputting, inaccurate wages & more. It turns out that dragging its Kronos Private Cloud systems back has taken nearly two months.

The Log4j JNDI attack and how to prevent itThe disclosure of the critical Log4Shell vulnerability and the release of first one and than additional PoC exploits has been an unwelcome surprise for the entire information security community, but most of all those who are tasked with keeping enterprise systems and network secure. Ransomware hits HR solutions provider Kronos, locking customers out of vital servicesThe end of the year chaos caused by the revelation of the Log4Shell vulnerability has, for some organizations, been augmented by a ransomware attack on Ultimate Kronos Group, one of the biggest HR and workforce management solutions providers in the US. Microsoft patches spoofing vulnerability exploited by EmotetMicrosoft has delivered fixes for 67 vulnerabilities, including a spoofing vulnerability actively exploited to deliver Emotet/Trickbot/Bazaloader malware family.

We're experiencing yet another incident in which cyberattacks can affect the real world: UKG, makers of payroll and HR software, have reported a ransomware attack that has taken its Kronos Private Cloud offline, and may result in it staying that way for weeks to come. In a statement about the outage, UKG said that it has no estimated time of resolution, that its backups aren't available until they "Determine the best approach" to restoration.

The end of the year chaos caused by the revelation of the Log4Shell vulnerability has, for some organizations, been augmented by a ransomware attack on Ultimate Kronos Group, one of the biggest HR and workforce management solutions providers in the US. Many organizations use Kronos for organizing workers' schedules, tracking vacations, processing payroll and bonuses, etc. "As we previously communicated, late on Saturday, December 11, 2021, we became aware of unusual activity impacting UKG solutions using Kronos Private Cloud. We took immediate action to investigate and mitigate the issue, and have determined that this is a ransomware incident affecting the Kronos Private Cloud-the portion of our business where UKG Workforce Central, UKG TeleStaff, Healthcare Extensions, and Banking Scheduling Solutions are deployed," the notice sent to impacted customers has revealed.

Kronos, the workforce management platform, has been hit with a ransomware attack that it says will leave its cloud-based services unavailable for several weeks - and it's suggesting that customers seek other ways to get payroll and other HR tasks accomplished.Kronos offers a range of solutions for employee scheduling, compensation management, payroll and hours worked, benefits administration, time off management, talent acquisition, onboarding and more.

Workforce management solutions provider Kronos has suffered a ransomware attack that will likely disrupt many of their cloud-based solutions for weeks. Kronos is a workforce management and human resources provider who provides cloud-based solutions for managing timekeeping, payroll, employee benefits, analytics, and more.

Kronos Private Cloud has been hit by a ransomware attack. The company, also known as Ultimate Kronos Group, provides timekeeping services to companies employing millions across the UK. Emails sent by Kronos to its corporate customers, seen by The Register, confirm the firm has pulled its private cloud services offline following a ransomware attack.

Marcus Hutchins, also known by his online alias MalwareTech, has been spared jail time in his sentencing for the creation of the Kronos malware.

The malware researcher has pleaded guilty to two out of 10 charges; one with creating the Kronos malware and the other with conspiracy.