Cyber Security
#
Halliburton Confirms Cyberattack Amid Global Operations Disruption
Halliburton, the world’s second-largest oil service company, has confirmed it was the target of a cyberattack that disrupted operations at its Houston headquarters and several global networks. The Houston- and Dubai-based energy sector contractor, employing over 50,000 people across 70 countries, activated its incident response protocols following the breach, which has raised significant concerns...
SEA Airport Operations Near Full Recovery After Cyberattack Disrupts Systems
Officials at Seattle-Tacoma International Airport (SEA) report that operations are nearly back to normal following a cyberattack that took several critical systems offline last weekend. According to an airport spokesperson, most domestic travelers should now experience minimal disruptions, with standard wait times for checking bags.
However, the effects of the cyberattack are still being felt...
Cybersecurity Researchers Expose Multiple Exploit Campaigns Targeting Safari and Chrome Users
Cybersecurity experts have uncovered a series of sophisticated exploit campaigns targeting mobile users through now-patched vulnerabilities in Apple Safari and Google Chrome browsers. The attacks, observed between November 2023 and July 2024, were primarily aimed at unpatched devices, despite patches being available, leveraging these flaws to deploy information-stealing malware.
The Google Threat Analysis Group (TAG)...
Bank of England Official Advocates Flexible Regulation in Response to AI Disruption
A Bank of England (BoE) policymaker highlighted the dual nature of artificial intelligence (AI) as both a potential disruptor and a driver of productivity within Britain's economy. Randall Kroszner, a member of the BoE's Financial Policy Committee, emphasized the necessity for regulators to adopt adaptable approaches to rule-making in light of AI's transformative potential.
Unlike...
Bank of Italy Issues Warning Against Deepfake Fraudulent Messages
The Bank of Italy issued a stark warning on Wednesday regarding the proliferation of fraudulent video messages circulating online. These messages, facilitated by artificial intelligence (AI) technology, are being used to fabricate statements purportedly from financial authorities and other reputable institutions.
Describing the phenomenon as "deepfakes," the central bank elucidated that these deceptive messages are...
London Drugs Breached by LockBit Ransomware Group, Stores Temporarily Closed
BleepingComputer has reported that Canadian pharmacy and retail chain London Drugs fell victim to a ransomware attack orchestrated by the LockBit group last month. The attack prompted the temporary closure of all London Drugs stores across Western Canada.
LockBit, a notorious ransomware group, remains active despite recent law enforcement actions, and it has threatened to...
FTC Orders Blackbaud to Overhaul Security Practices Following Massive Data Breach
Blackbaud, a software provider based in the Lowcountry, has been ordered by the Federal Trade Commission (FTC) to revamp its security practices after a significant data breach exposed the personal information of millions of consumers. The breach, which occurred in early 2020, went undetected for three months and compromised sensitive data from 13,000 customers,...
FTC Finalizes Settlement with Blackbaud Over Data Breach
The Federal Trade Commission (FTC) has finalized a settlement with Blackbaud, a provider of financial, fundraising, and administrative software, following a 2020 ransomware attack that led to a massive data breach. This settlement requires Blackbaud to implement stringent data security measures and establish a comprehensive data retention schedule.
The 2020 ransomware attack on Blackbaud exposed...
US Financial Institutions Now Required to Disclose Data Breaches Within 30 Days – SEC Tightens Rules
In a significant regulatory update, the US Securities and Exchange Commission (SEC) has amended Regulation S-P, mandating financial institutions to disclose security breaches within 30 days of discovery. This change aims to enhance the protection of consumers' personal financial information, reflecting the evolving nature and impact of data breaches.
The updated rule affects broker-dealers, investment...
Severe Security Flaw in Fluent Bit Exposes Cloud Services to Potential Exploits
Researchers have identified a significant memory corruption vulnerability in Fluent Bit, a widely used cloud logging utility, potentially affecting major cloud platforms. The vulnerability, discovered by Tenable, has been dubbed "Linguistic Lumberjack" and poses serious risks including denial of service (DoS), data leakage, and remote code execution (RCE).
Fluent Bit, an open-source tool for collecting,...
EPA Warns of Rising Cyber Threats to U.S. Water Systems
In response to a surge in cyber-attacks on water systems, the Environmental Protection Agency (EPA) is urging municipalities across the United States to bolster their cybersecurity defenses. Recent attacks on small communities in Texas and Pennsylvania, allegedly orchestrated by foreign hackers, have highlighted vulnerabilities in the nation's water infrastructure.
An EPA inspection of drinking water...
Frontier Communications Faces Cyberattack, Assures Containment and Recovery
Frontier Communications Corporation revealed a significant cyber incident occurring on April 14, 2024, causing a notable operational disruption due to unauthorized access to its IT infrastructure. Upon detection, the telecommunications giant promptly activated its cyber incident response protocols, swiftly shutting down select systems to contain the breach.
Investigations by the company identified a cybercrime group...
ACTS Retirement Services Settles Class Action Lawsuit Over 2022 Data Breach
ACTS Retirement Services, a senior living community operator, has reached a settlement agreement in a class action lawsuit stemming from a data breach that occurred in April 2022. The settlement aims to resolve claims that ACTS failed to adequately protect patient and employee information, which was allegedly compromised during the breach.
While the company has...
Massachusetts Healthcare System Grapples with $24 Million Daily Costs Amid Change Healthcare Cyberattack
A debilitating cyberattack on Change Healthcare has imposed significant financial strains on the Massachusetts health care system, costing approximately $24 million per day. The Massachusetts Health and Hospital Association (MHA) revealed this staggering figure on Monday, based on input from 12 hospitals and health systems affected by the attack.
The cyber incident, which occurred on...
Threat Actors Exploit Facebook Messages with Python-Based Info Stealer, Snake
A new cybersecurity threat has emerged as threat actors utilize Facebook messages to distribute a Python-based information stealer known as Snake. Designed to capture credentials and sensitive data, Snake has been implicated in a campaign that transmits harvested credentials to various platforms, including Discord, GitHub, and Telegram.
The campaign, first reported on the social media...