Industrial giant Rockwell Automation announced on Monday that it has signed a definitive agreement to acquire Verve Industrial Protection, a cybersecurity company specializing in industrial control systems (ICS) and operational technology (OT). Verve’s managed OT/ICS security platform provides asset inventory, vulnerability management, patch management, configuration management, SIEM, incident response, and backup and restore capabilities. In […]
Insurance giant Lloyd’s of London has published a systemic risk scenario of a cyber-attack resulting in global economic losses of $3.5trn. The scenario involves “a hypothetical but plausible” cyber-attack on a major financial services payment system, leading to widespread disruption to global businesses. Working with the Cambridge Centre for Risk Studies, the research explored nine […]
Genetic testing giant 23andMe confirmed that a data scraping incident resulted in hackers gaining access to sensitive user information and selling it on the dark web. The information of nearly 7 million 23andMe users was offered for sale on a cybercriminal forum this week. The information included origin estimation, phenotype, health information, photos, identification data […]
Server and computer hardware giant Supermicro has released updates to address multiple vulnerabilities in Baseboard Management Controllers (BMC) IPMI firmware. The issues (tracked as CVE-2023-40284 to CVE-2023-40290) could allow remote attackers to gain root access to the BMC system, firmware supply chain security firm Binarly, which identified the bugs, explains. A special chip on server […]
Cloud computing giant AWS says an internal threat intel decoy system called MadPot has been used successfully to trap malicious activity, including nation state-backed APTs like Volt Typhoon and Sandworm. MadPot, the brainchild of AWS software engineer Nima Sharifi Mehr, is described as “a sophisticated system of monitoring sensors and automated response capabilities” that entraps malicious […]
Cleaning product giant Clorox told regulators on Monday that it is still dealing with production issues following a cyberattack that was announced one month ago. In regulatory filings with the SEC, the company said the cyberattack “damaged portions of the Company’s IT infrastructure, which caused widescale disruption of Clorox’s operations.” The company said it implemented […]
Search giant Google agreed to a $93 million settlement with the state of California on Thursday over its location-privacy practices. The settlement follows a $391.5 million settlement with 40 states, reached in November 2022, to resolve an investigation into how the company tracked users’ locations. The states’ investigation was sparked by a 2018 Associated Press […]
Hospitality and entertainment giant MGM Resorts on Monday said a “cybersecurity issue” forced the shutdown of certain computer systems, including the websites for some of the biggest Las Vegas and New York properties. A brief note posted to X (the website formerly known as Twitter) said external cybersecurity experts and law enforcement are involved in […]
Travel booking giant Sabre said it was investigating claims of a cyberattack after a tranche of files purportedly stolen from the company appeared on an extortion group’s leak site. “Sabre is aware of the claims of a data exfiltration made by the threat group and we are currently investigating to determine their validity,” Sabre spokesperson […]