Cyber Attack on Clorox: first quarter business results collapse 

#clorox #ransomware #system #attack #shutdown #business #result #collapse #impact #performance #cybercrime #cybersecurity

The manufacturer of household goods said that the event affected IT systems and had a significant impact on its fiscal Q1 performance.

One month after taking some systems offline due to a cyberattack, the Clorox firm is experiencing production limitations, the firm stated in a filing with the Securities and Exchange Commission on Monday.

According to Clorox, the attack, which was made public in a filing on August 14, damaged a portion of its IT infrastructure and caused significant business disruption.

Officials at Clorox anticipate that automated order processing will resume the following week, and they intend to gradually scale up production.

→ Read more on cybersecuritydiv.com 


Unknown 'Sandman' Threat Actor Attacks Telecom Companies on Three Continents 

#threatactor #unknown #global #telecommunication #network #company #campaign #attack #deliver #sector #cybercrime #cybersecurity

A series of cyberattacks against telecommunicator providers in the Middle East, Western Europe, and the South Asian subcontinent have been linked to a hitherto unknown threat actor known as Sandman.

It is noteworthy that the incursions use the just-in-time (JIT) LuaJIT compiler to deliver the unique LuaDream implant.

However, the data at hand points to a cyber espionage adversary with a proclivity for attacking the telecom sector globally. Neither the campaign nor its tactics have been linked to any recognised threat actor or group. In August 2023, the attacks were initially seen over a period of time.

→ Read more on thehackernews.com 


Ransomware attack against the Greater Manchester Police 

#ransomware #police #manchester #system #thirdparty #sensitivedata #personalinformation #employee #data #idtheft #access #cybercrime #cybersecurity

Greater Manchester Police (GMP) in the UK has acknowledged that thieves have obtained some of its data after an attack on a third-party supplier in charge of ID badges.

The names and images of police officers that were kept by the supplier for use on thousands of ID badges were among the stolen data, according to the Manchester Evening News.

Greater Manchester Police (GMP) Assistant Chief Constable Colin McFarlane stated, "We are aware of a ransomware attack affecting a third-party supplier of various UK organisations, including GMP, which holds some information on those employed by GMP."

Officers who were concerned about what information might now be in the hands of criminals would find great comfort in McFarlane's statement that the force did not believe financial information was included.

→ Read more on theregister.com 


Air Canada admits system breach, employee data disclosed 

#aircanada #company #systemdata #employeedata #databreach #systembreach #access #unauthorise #admit #details #arline #cybercrime #cybersecurity

Air Canada disclosed on Wednesday that a recent cyberattack resulted in a compromise of its internal networks, allowing the hackers to access personnel details without authorization.

Limited information on when the attack was first identified was provided in a statement on Canada's flag carrier airline's website late on Wednesday, when it reported the breach.

According to Air Canada, all systems, including those involved in aircraft operations and customer-facing systems, are completely functional.

Air Canada, a Montreal-based airline, stated that "no customer information was accessed," but more than 36,000 of its staff members may have had their personal information exposed.

→ Read more on cybernews.com 


DDoS attacks with IoT are promoted in over 700 dark web ads for 2023 

#ddos #attack #iot #promoted #darkweb #offer #ads #internet #target #include #exploits #services #device #cybercrime #cybersecurity

According to a recent Kaspersky analysis, over 700 advertising offering Distributed Denial of Service (DDoS) attacks using Internet of Things (IoT) devices have appeared on the dark web in the year 2023.

These services range in price from $20 per day to $10,000 per month, depending on variables like DDoS protection and target verification. These services typically run about $63.50 per day, or $1350 per month.

Additionally, the dark web acts as a hub for IoT malware bundles that include infrastructure and tools as well as exploits for zero-day vulnerabilities in IoT devices.

There are various strains of IoT malware, many of which descended from the notorious Mirai malware of 2016.

→ Read more on infosecurity-magazine.com 


Criminal man pleads guilty to attempted $6m BEC email theft 

#guilty #man #pleads #attempt #theft #email #addresses #company #target #money #payment #victim #bank #account #business #cybercrime #cybersecurity

Goodness, Kosi Simon-Ebo, a Nigerian native aged 29 who was extradited to the US from Canada in April, entered a plea of guilty to wire fraud and money laundering via business email compromise (BEC).

Simon-Ebo acknowledged that, in 2017, he and others in the US planned to hack employee and company email accounts while he was living in South Africa.

Scammers utilised these accounts to send emails to businesses with phoney sender addresses that appeared to be from reliable partners.

The victims sent money to bank accounts controlled by Simo-Ebo and his accomplices as a result of the emails' payment demands and wiring instructions.

→ Read more on bleepingcomputer.com 


Ransomware group claims data breach at Sony Corporation 

#sony #corporation #ransomware #group #claim #databreach #system #organisation #effect #victim #strategy #cybercrime #cybersecurity

The notorious ransomware organisation RANSOMEDVC asserted that it has effectively infiltrated Sony organisation Corporation, a major Japanese multinational conglomerate. This assertion was made in listings on the group's clearnet and dark web platforms, where it claimed to have completely compromised all Sony systems.

According to the ransomware organisation, it has "successfully compromised all of Sony's systems." The RANSOMEDVC ransomware organisation has adopted a different strategy from the standard ransomware tactic of locking the victim's machine, interfering with IT functions, and demanding a ransom for the decryption key.

The organisation has announced its plan to monetize the stolen material instead of making ransom demands, citing Sony's apparent unwillingness to cooperate with their requests.

→ Read more on hackread.com 


In the first part of the year, ransomware assaults increased cyber insurance claims 

#ransomware #insurance #rise #attacks #fisrthalfofyear #cyber #blackcat #lockbit #company #report #cybercrime #cybersecurity

A cyber insurance company reported a sharp increase in claims during the first half of the year, as well as an increase in the costs associated with attacks.

Ransomware was the "largest driver of the increase in claims frequency," according to a Coalition investigation. Through the end of June, claims frequency was up 12% from the previous year. Almost one in five cyber incidents involving insurance claims featured ransomware, with Royal, BlackCat, and LockBit 3.0 being the three most prevalent types.

A massive increase from the previous record sum of more than $227,000 in the second half of last year, ransomware victims reported an average loss of more than $365,000.

→ Read more on therecord.media 


Iranian Hackers Target Defence Organisations and Pharmaceutical Companies with Password Spray Attacks 

#hacker #target #sprayattacks #email #account #company #password #login #access #theft #research #report #discover #cybercrime #cybersecurity

Peach Sandstorm (APT33) is a recognised nation-state threat that has been active since at least 2013 and is known to carry out the majority of its operations in Iran during regular business hours.

The Iranian hackers have primarily concentrated on stealing valuable research papers, but they have also targeted intelligence acquired from other targets in the US, Europe, and the Middle East. The defence organisations of whatever country were penetrated or targeted are not mentioned in the report.

The gang has long posed a sophisticated threat, using a range of strategies and occasionally residing undetected on target systems for months or years. Password spray attacks are also nothing new; they have been used frequently for at least a few years, although it appears that both have improved.

→ Read more on cpomagazine.com 


From the largest hospitals in North Carolina, a cyberattack may have stolen personal data 

#hospital #healthsector #cyberattack #stolendata #personaldata #patientdata #datatheft #databreach #cybercrime #cybersecurity

The largest medical systems in North Carolina, including UNC, Duke, Atrium, and ECU, may have had personal information taken as part of an extensive global cyberattack that was detected earlier this year.

A attack of Progress Software's MOVEit service, which the firm utilised to transfer patient information, also affected Nuance Communications, a provider of health care software, Nuance said in a statement on Friday.

In a warning dated September 15, Nuance stated that the breach occurred on May 28 and May 29.

According to the business, the data "includes individual demographic data and data regarding services received."

The FBI and the federal Cybersecurity and Infrastructure Security Agency claim that the ransomware group CL0P is responsible for the attack.

→ Read more on spectrumlocalnews.com 


+49 89 360 5310 | security-awareness@metafinanz.de

The editors are not responsible for the content of each article.