Search
Close this search box.

Be Cybersafe – 28th December

Table of Contents

[fusion_builder_container type=”flex” hundred_percent=”no” equal_height_columns=”no” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” background_position=”center center” background_repeat=”no-repeat” fade=”no” background_parallax=”none” parallax_speed=”0.3″ video_aspect_ratio=”16:9″ video_loop=”yes” video_mute=”yes” border_style=”solid” margin_top=”1px” flex_align_items=”center” flex_justify_content=”flex-start”][fusion_builder_row][fusion_builder_column type=”1_1″ type=”1_1″ layout=”1_1″ background_position=”left top” border_style=”solid” border_position=”all” spacing=”yes” background_repeat=”no-repeat” margin_top=”0px” margin_bottom=”0px” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” center_content=”no” last=”true” hover_type=”none” first=”true” background_blend_mode=”overlay” min_height=”” link=””][fusion_text]

Welcome to the latest edition of the Cybersafe Cyber Threats, a weekly series in which we bring attention to the latest cyber attacks, scams, frauds, and malware including Ransomware, to ensure you stay safe online.

Snatch ransomware group claims a major attack on Kraft Heinz

The notorious Snatch ransomware group has declared responsibility for orchestrating a significant cyber attack on Kraft Heinz, a prominent American food manufacturer. The group initially listed Kraft Heinz on its dark web platform on August 16, but the information became publicly visible on December 14. Despite the claim, the Snatch ransomware group has not provided any data samples to substantiate their assertions.

The cyber attack has raised concerns about the potential compromise of sensitive information and the overall impact on the company’s operations.

Acknowledging the situation, a spokesperson for Kraft Heinz confirmed that the company is actively investigating the claims made by the Snatch ransomware group. The focus of the investigation revolves around a decommissioned marketing website hosted on an external platform. The spokesperson emphasised that internal systems usually operate as of the current assessment, and there is no discernible evidence of a broader attack. Despite the reassurances, it remains unclear whether the hacker group has demanded a ransom or if the cyber attack has affected the day-to-day operations of the food and beverage giant.

This incident follows a broader trend in 2023, where leading food producers increasingly become targets of cyber attacks. Earlier in the year, Dole, a significant player in the Ireland-based food production industry, fell victim to a sophisticated ransomware attack. The attack compromised Dole employees’ sensitive personal information and disrupted the company’s daily operations.

In response to the incident, Dole promptly contained the attack upon detection. They also enlisted the services of reputable third-party cyber security experts and notified law enforcement agencies. The cyber attack impacted at least 3,885 individuals.

As the frequency and sophistication of cyber attacks on major food producers continue to rise, the industry faces heightened challenges in safeguarding sensitive data and ensuring the uninterrupted flow of daily operations. The incidents involving both Kraft Heinz and Dole underscore the critical need for robust cyber security measures in the increasingly digitised food and beverage sector landscape.

Xfinity reveals data breach linked to Citrix server hack

Comcast Cable Communications, operating as Xfinity, disclosed a data breach linked to a Citrix server hack between October 16 and 19. The intrusion was discovered following malicious activity on the network after Citrix security updates for a critical vulnerability named Citrix Bleed (CVE-2023-4966) on October 25. Security firm Mandiant confirmed active exploitation of this flaw as a zero-day from late August 2023.

Xfinity’s investigation revealed data exfiltration impacting an undisclosed number of customers, compromising usernames, hashed passwords, names, contact information, dates of birth, and secret questions and answers. Despite proactive password reset requests, users reported receiving these requests without clear explanations.

This incident follows a prior pattern, as Xfinity customers experienced widespread account hacks a year ago through credential-stuffing attacks that bypassed two-factor authentication. Compromised accounts were used to reset passwords for external services like Coinbase and Gemini crypto exchanges.

In response, Xfinity has recommended password resets and urged users to enable two-factor or multi-factor authentication for enhanced security. While no reported ransom demand or evidence of customer data leakage has emerged, Xfinity emphasised its commitment to customer protection and stated that its operations remained unaffected, highlighting the importance of continuous cyber security vigilance.

Newsquest cyber attack: DDoS attack impacts news publishing on several sites

Newsquest, a prominent UK-based regional media group owned by American mass media holding company Gannet, encountered a significant cyber attack affecting its daily operations and impeding journalists from publishing content. The disruption stemmed from a Distributed Denial of Service (DDoS) attack, as reported by local news agencies.

The DDoS attack, initiated on Monday, involved flooding Newsquest’s websites and apps with excessive traffic, causing intermittent disruptions and impacting reader experiences. The media organisation assured its audience that, despite the incident, there was no evidence of compromised reader or subscriber data, and none of its systems sustained damage.

In response to the cyber attack, Newsquest promptly notified the National Cyber Security Centre and law enforcement, collaborating with them to resolve the issue swiftly. The attack emphasises the severity of DDoS attacks, noting their potential to conceal data breaches and disrupt organisational operations.

Throughout the years, we’ve highlighted the importance of IoT security, emphasising the role of IoT devices in executing DDoS attacks when recruited into botnets. It is recommended to integrate IoT devices into corporate security programs, conducting continuous assessments, and vulnerability testing to prevent their accidental involvement in DDoS attacks against other organisations.

This incident underscores the critical need for robust cyber security measures in the B2B landscape to safeguard against evolving cyber threats.

—————————————————————————————————————————–

Contact Neuways to help your business become

Cybersafe

If you need any assistance with cyber security to become Cybersafe, then please contact Neuways and we will help you where we can. Just get in touch with our team today.

[/fusion_text][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]

Want to keep up with our blog?

Get our most valuable tips right inside your inbox, once per month!

Latest IT News & Insights
Microsoft Dynamics 365 Business Central Main Product Mockup Showcase ERP
Why Business Central enhances and streamlines solutions
See how Microsoft Dynamics 365 Business Central enhances business solutions and streamlines the processes...
Read More
Neuways artificial intelligence
Artificial Intelligence: The Good, The Bad & The Ugly
AI is the Marmite of the IT world. Love it or hate it, the reality is it filters into our everyday lives...
Read More
Choose Neuways for your IT Support, Cyber Security and Business Central needs.
Cyber Security Acronyms Part 1: Neuways
We are helping clients to understand cyber security. We're making it easy for you, as we are jargon busting...
Read More
Password Manager and Security with neuways
Password Managers just became an even more important tool for Employees
The Government has brought in a ban on employees and manufacturers using default passwords.
Read More
Dark Web monitoring
What is the Dark Web?
Dark Web Monitoring identifies whether any of your company data (including login credentials and confidential...
Read More
Password Manager and Security with neuways
Password Security
Business Password Manager Tool Protect your remote workforce with Password Manager Tool, the business...
Read More
WatchGuard WiFi Security
WatchGuard User Services Platform – Simple, Secure and Intelligent WiFi
Why do Neuways partner with WatchGuard? Find out below to see how we improve the cyber security of your...
Read More
Endpoint Security
Endpoint Security
Protect your business with the best in Endpoint Security – How Neuways can help you Protect Your...
Read More

Frequently Asked Questions

Managed IT support is a comprehensive solution where an expert IT provider, like Neuways, handles your technology infrastructure. This includes proactive monitoring, maintenance, cyber security, and support.

Contact us

Support: 01283 753300

Business Development: 01283 753333

Purchasing: 01283 753322

Admin and Accounts: 01283 753311

Email: hello@neuways.com

Yes we do. Your business needs Cyber Security due to the increasing number of cyber threats that are affecting businesses in all industries. If your business has data and technology systems implemented, you will need Managed Cyber Security.

Yes we can. We have our own dedicated Microsoft Dynamics 365 Business Central teams who work to ensure that we can implement the right systems and solutions into your website that are absolute right for you. 

Got a question?

Reach out
& Connect

Please enable JavaScript in your browser to complete this form.
Name