Yodel parcel delivery service confirmed that it suffered a cyber incident that disrupted distribution operations leaving customers unable to track orders or reach customer support.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Threat actors exploited Log4Shell vulnerability on unpatched VMware servers to gain access, move laterally, deploy malware, and exfiltrate sensitive information.
The Russian hackers call themselves "Killnet" and first made the news in April with declarations of intent to conduct cyber attacks on critical infrastructure in other countries. The group has been linked to prior DDoS campaigns.
Blockchain bridge was hit for about $100 million in crypto hack as attackers potentially exploited a signature vulnerability that security researchers had been warning about on Twitter for months.
While cyber defense efforts like those backed by DoE are clearly a net positive for the nation, the prospective contributions of these and other efforts must be tempered by both practical assessment of the strategic context of foreign critical infrastructure attacks.
Threat actors accessed personally identifiable information (PII) and Social Security numbers of more than 1.5 million customers in the Flagstar Bank data breach.
Conti is able to breeze through ransomware attacks in as little as three days thanks to a polished setup that has been years in the making: custom ransomware and tools, a disciplined working schedule and a business-like structure.
The study draws on a sample of over 1,000 C-Suite and board members and analyzed their personal devices and home network security and privacy. 87% of executive devices have no security measures at all installed.
As the world becomes more digitally integrated, hacker groups will continue to take advantage of the physical blindspot that many companies have to launch attacks against digital infrastructure. A cyberthreat that comes by way of a physical device is known as a “phygital” threat.
Exploitable features are the favored means by which to penetrate OT devices, and the current research finds that they continue to be an issue in industrial control systems.