Grocery giant Ahold Delhaize’s US operations disrupted by cyberattack

The parent company said the disruption forced it to take certain systems offline and affected some pharmacies and e-commerce services.

By Catherine Douglas Moran , Sam Silverstein • Nov. 11, 2024

Newpark Resources discloses October ransomware attack

The incident occurred just two months after an attack against oilfield services giant Halliburton.

By David Jones • Nov. 11, 2024

Halliburton incurs about $35M in expenses related to August cyberattack

The company said the intrusion forced it to delay billing and collections, but the impact is not considered material.

By David Jones • Nov. 8, 2024

Attackers target Palo Alto Networks’ customer migration tool

An actively exploited vulnerability in Expedition allows attackers to achieve admin account takeover. The product reaches end of life in January.

By Matt Kapko • Nov. 8, 2024

Microchip Technology reports $21.4M expense from August cyberattack

The chipmaker said the financial impact from the attack was immaterial and largely linked to unscheduled factory outages.

By Matt Kapko • Nov. 7, 2024

Columbus, Ohio confirms July ransomware attack compromised data of 500K people

The city notified half a million people their personal information was at risk following the attack it attributed to a foreign threat actor.

By David Jones • Nov. 6, 2024

Cyberattacks hit 1 in 3 SMBs last year

Cyber woes for SMBs are exacerbated by a lack of resources to enact advanced security measures, Microsoft Security said in a report.

By Matt Kapko • Nov. 5, 2024

Schneider Electric investigating cyber intrusion after threat actor gains access to platform

The French multinational company has been a previous target of ransomware groups.

By David Jones • Nov. 5, 2024

CISA warns of foreign threat group launching spearphishing campaign using malicious RDP files

Midnight Blizzard has targeted more than 100 organizations across government, IT and academia, in some cases impersonating Microsoft employees.

By David Jones • Nov. 1, 2024

MoneyGram replaces CEO, naming former Walmart executive to the role

The money transfer company named the new CEO just weeks after a cyberattack led to a systemwide shutdown of its services for several days.

By Lynne Marek • Oct. 31, 2024

Fortinet finds more malicious IPs linked to widely exploited zero-day

The cybersecurity vendor said the additional indicators of compromise don’t reflect any major changes. Researchers warn thousands of devices remain exposed.

By Matt Kapko • Oct. 31, 2024

Cisco warns actively exploited CVE can lead to DoS attacks against VPN services

The company warned the threat activity is linked to previously disclosed brute-force attacks beginning in March.

By David Jones • Oct. 28, 2024

Feds probe China-linked attacks on US telecom networks

The government’s public acknowledgment of the China-linked attacks follows a series of warnings about a broad and successful campaign to hack U.S. critical infrastructure.

By Matt Kapko • Oct. 28, 2024

SonicWall firewalls the common access point in spreading ransomware campaign

Arctic Wolf Labs researchers said SonicWall firewalls were the initial access point for at least 30 ransomware attacks since August.

By Matt Kapko • Oct. 25, 2024

Change Healthcare data breach officially affects 100M people

The breach is the largest ever reported to a portal managed by federal regulators.

By Emily Olsen • Oct. 25, 2024

Fortinet zero-day attack spree hits at least 50 customers

Active exploits of a critical vulnerability in FortiManager began in late June, Mandiant said. Firewall credentials and configuration data have been stolen.

By Matt Kapko • Oct. 24, 2024

SEC settles charges with 4 firms it says downplayed SolarWinds hack exposure

The agency alleged Unisys, Avaya, Check Point Software and Mimecast misled investors about the extent of their respective cyber risks.

By David Jones • Oct. 22, 2024

Critical Veeam CVE actively exploited in ransomware attacks

Multiple ransomware groups targeted the vulnerability, which has a CVSS score of 9.8, more than a month after it was disclosed and patched by the data backup and recovery vendor.

By Matt Kapko • Oct. 22, 2024

Zero-day exploits swelled in 2023: Mandiant

Of the 138 actively exploited vulnerabilities disclosed in 2023 and later analyzed by the threat intelligence firm, 97 were exploited as zero-days.

By Matt Kapko • Oct. 18, 2024

US disables Anonymous Sudan infrastructure linked to DDoS attack spree

Authorities unsealed charges alleging two Sudanese nationals ran the hacktivist group, linked to major attacks against Microsoft and others.

By David Jones • Oct. 17, 2024

Iran-linked attackers hit critical infrastructure with brute force

CISA and the FBI warn healthcare, government, IT and other sectors of password spraying and multifactor authentication push bombing.

By Matt Kapko • Oct. 17, 2024

Microsoft reveals ransomware attacks against its customers nearly tripled last year

Despite the increase, the percentage of cyberattacks reaching the encryption stage continued to decline, according to a Microsoft study.

By Matt Kapko • Oct. 16, 2024

Lawmakers seek insight into China-linked attacks on telecom networks

Members of congress want to know when and how AT&T, Lumen and Verizon learned of the intrusions and what data the threat group accessed.

By Matt Kapko • Oct. 15, 2024

Clorox says 2023 cyberattack hurt progress on 2030 plastic, waste reduction goals

The company is reassessing some sustainability goals, according to its latest annual report. Data shows the company stagnated on lowering virgin material and upping PCR in packaging.

By Maria Rachal • Oct. 14, 2024

American Water Works reconnecting systems a week after cyberattack

The water utility said there is no evidence of damage to its facilities, but law enforcement and forensic experts are still investigating. 

By David Jones • Oct. 11, 2024