Category: Work
-
Chick-Fil-A Suffers a Data Breach
Chick-fil-A confirmed that an entity had successfully launched an “automated attack” against the company’s website and app over the course of more than two months, stealing customers’ sensitive information. The disclosure came in a security notice filed on the California Attorney General’s website. The attack, using log-ins obtained from a third party to access member reward… Read more
-
The U.S. National Cybersecurity Strategy
The Biden-Harris Administration today released a new National Cybersecurity Strategy(Opens in a new window) which aims to “secure the full benefits of a safe and secure digital ecosystem for all Americans.” President Biden intends to use “all the tools of national power” to protect national security and public safety while allowing for economic prosperity. And it seems… Read more
-
DISH Network Suffers A Cyber Attack
Dish Network confirmed it was hit by a massive cyberattack tied to a multiday outage that downed internal billing systems, broke consumer apps and shut down several consumer-facing websites. The outage began Thursday. On Tuesday the company made its first public statement regarding the cyberattack. In an 8-K filing with the U.S. Securities and Exchange… Read more
-
U.S. Marshals Service is Victim of Ransomware Attack and Suffers A “Sensitive Data” Breach
The U.S. Marshals Service (USMS) is responding to a ransomware attack and data breach that has compromised law enforcement sensitive information. The Department of Justice (DoJ) bureau said it discovered the hack affecting a stand-alone USMS system on Feb. 17, and described it as a “major incident.” According to the agency’s Feb. 28 statement, the… Read more
-
National Cyber Director Issues Instructions for Federal Quantum Resistant Work
The Office of the National Cyber Director (ONCD) has released specific instructions to Federal agencies on inventorying their cryptographic systems as they prepare to transition to the era of quantum-resistant cryptography, per the White House’s National Security Memorandum 10 (NSM-10). ONCD’s guidelines will help instruct Federal agencies on how to inventory their most critical cryptographic systems by… Read more
-
Australia Plans To Reform Cyber Security Rules, Set Up Agency
The Australian government on Monday said it planned to overhaul its cybersecurity rules and set up an agency to oversee government investment in the field and help co-ordinate responses to hacker attacks. The move follows a rise in cyber attacks since late last year with breaches reported by at least eight companies, including health insurer… Read more
-
Fake ChatGPT Accounts Being Used to Distribute Malware
Threat actors are exploiting the popularity of OpenAI’s ChatGPT chatbot to distribute malware for Windows and Android, or direct unsuspecting victims to phishing pages. ChatGPT has gained immense traction since its launch in November 2022, becoming the most rapidly growing consumer application in modern history with more then100 million users by January 2023. This massive… Read more
-
Dole Operations Shut Down By Ransomware
A ransomware attack on the Dole Food Company forced the manufacturer to stop production at all its North American facilities last week, causing a lettuce supply shortage at US grocery stores. “The company recently experienced a cybersecurity incident that has been identified as ransomware,” Dole announced in a short press release on the company website Thursday. “Upon… Read more
-
GoDaddy Victimized for Two Years in Cyber Security Breach
GoDaddy, one of the world’s largest web hosting services, said in a SEC filing this week that it fell victim to a two-year security breach that saw unknown attackers steal customer and employee login details and seize company source code. The company said the attackers also installed malware that redirected customer websites to malicious sites. The attackers were… Read more
-
Activision Breach Exposed Game and Employee Data
Activision suffered a data breach in December 2022 through an SMS phishing campaign that allowed attackers to access the company’s internal systems. While the company says the incident hasn’t compromised any game source code, player details, or sensitive employee data, the attacker “exfiltrated sensitive work place documents”. It added that the threat actor also exfiltrated… Read more