Cyber Security

Halliburton, the world’s second-largest oil service company, has confirmed it was the target of a cyberattack that disrupted operations at its Houston headquarters and several global networks. The Houston- and Dubai-based energy sector contractor, employing over 50,000 people across 70 countries, activated its incident response protocols following the breach, which has raised significant concerns...

Officials at Seattle-Tacoma International Airport (SEA) report that operations are nearly back to normal following a cyberattack that took several critical systems offline last weekend. According to an airport spokesperson, most domestic travelers should now experience minimal disruptions, with standard wait times for checking bags. However, the effects of the cyberattack are still being felt...

Cybersecurity experts have uncovered a series of sophisticated exploit campaigns targeting mobile users through now-patched vulnerabilities in Apple Safari and Google Chrome browsers. The attacks, observed between November 2023 and July 2024, were primarily aimed at unpatched devices, despite patches being available, leveraging these flaws to deploy information-stealing malware. The Google Threat Analysis Group (TAG)...

A Bank of England (BoE) policymaker highlighted the dual nature of artificial intelligence (AI) as both a potential disruptor and a driver of productivity within Britain's economy. Randall Kroszner, a member of the BoE's Financial Policy Committee, emphasized the necessity for regulators to adopt adaptable approaches to rule-making in light of AI's transformative potential. Unlike...

The Bank of Italy issued a stark warning on Wednesday regarding the proliferation of fraudulent video messages circulating online. These messages, facilitated by artificial intelligence (AI) technology, are being used to fabricate statements purportedly from financial authorities and other reputable institutions. Describing the phenomenon as "deepfakes," the central bank elucidated that these deceptive messages are...

BleepingComputer has reported that Canadian pharmacy and retail chain London Drugs fell victim to a ransomware attack orchestrated by the LockBit group last month. The attack prompted the temporary closure of all London Drugs stores across Western Canada. LockBit, a notorious ransomware group, remains active despite recent law enforcement actions, and it has threatened to...

Blackbaud, a software provider based in the Lowcountry, has been ordered by the Federal Trade Commission (FTC) to revamp its security practices after a significant data breach exposed the personal information of millions of consumers. The breach, which occurred in early 2020, went undetected for three months and compromised sensitive data from 13,000 customers,...

The Federal Trade Commission (FTC) has finalized a settlement with Blackbaud, a provider of financial, fundraising, and administrative software, following a 2020 ransomware attack that led to a massive data breach. This settlement requires Blackbaud to implement stringent data security measures and establish a comprehensive data retention schedule. The 2020 ransomware attack on Blackbaud exposed...

In a significant regulatory update, the US Securities and Exchange Commission (SEC) has amended Regulation S-P, mandating financial institutions to disclose security breaches within 30 days of discovery. This change aims to enhance the protection of consumers' personal financial information, reflecting the evolving nature and impact of data breaches. The updated rule affects broker-dealers, investment...

Researchers have identified a significant memory corruption vulnerability in Fluent Bit, a widely used cloud logging utility, potentially affecting major cloud platforms. The vulnerability, discovered by Tenable, has been dubbed "Linguistic Lumberjack" and poses serious risks including denial of service (DoS), data leakage, and remote code execution (RCE). Fluent Bit, an open-source tool for collecting,...

In response to a surge in cyber-attacks on water systems, the Environmental Protection Agency (EPA) is urging municipalities across the United States to bolster their cybersecurity defenses. Recent attacks on small communities in Texas and Pennsylvania, allegedly orchestrated by foreign hackers, have highlighted vulnerabilities in the nation's water infrastructure. An EPA inspection of drinking water...

Frontier Communications Corporation revealed a significant cyber incident occurring on April 14, 2024, causing a notable operational disruption due to unauthorized access to its IT infrastructure. Upon detection, the telecommunications giant promptly activated its cyber incident response protocols, swiftly shutting down select systems to contain the breach. Investigations by the company identified a cybercrime group...

ACTS Retirement Services, a senior living community operator, has reached a settlement agreement in a class action lawsuit stemming from a data breach that occurred in April 2022. The settlement aims to resolve claims that ACTS failed to adequately protect patient and employee information, which was allegedly compromised during the breach. While the company has...

A debilitating cyberattack on Change Healthcare has imposed significant financial strains on the Massachusetts health care system, costing approximately $24 million per day. The Massachusetts Health and Hospital Association (MHA) revealed this staggering figure on Monday, based on input from 12 hospitals and health systems affected by the attack. The cyber incident, which occurred on...

A new cybersecurity threat has emerged as threat actors utilize Facebook messages to distribute a Python-based information stealer known as Snake. Designed to capture credentials and sensitive data, Snake has been implicated in a campaign that transmits harvested credentials to various platforms, including Discord, GitHub, and Telegram. The campaign, first reported on the social media...