Tag: supply-chain
-
Starbucks, grocery stores impacted by Blue Yonder ransomware attack
in SecurityNews
Supply chain management SaaS vendor Blue Yonder announced on November 21 that it experienced a ransomware attack that impacted its managed services hosted environment. …
First seen on helpnetsecurity.com
Jump to article: www.helpnetsecurity.com/2024/11/26/starbucks-blue-yonder-ransomware-attack/
-
Major UK, US stores face ongoing disruption after ransomware attack hits supply chain giant Blue Yonder
in SecurityNews
The Arizona-based firm said it has “no timeline” for restoration, following a cyberattack that caused disruption at companies around the world.
First seen on techcrunch.com
Jump to article: techcrunch.com/2024/11/26/major-uk-us-stores-face-ongoing-disruption-after-ransomware-attack-hits-supply-chain-giant-blue-yonder/
-
LottieFiles supply chain attack exposes users to malicious crypto wallet drainer
in SecurityNews
First seen on theregister.com
Jump to article: www.theregister.com/2024/10/31/lottiefiles_supply_chain_attack/
-
Starbucks and Grocery Stores Face Disruption after Ransomware Attack on Blue Yonder
in SecurityNews
Supply chain management provider Blue Yonder confirmed it was hit by ransomware attack
First seen on infosecurity-magazine.com
Jump to article: www.infosecurity-magazine.com/news/starbucks-sainsburys-ransomware/
-
Starbucks operations hit after ransomware attack on supply chain software vendor
in SecurityNews
Tags: ai, attack, ceo, control, crowdstrike, cybersecurity, hacker, monitoring, open-source, privacy, programming, radius, ransomware, risk, risk-assessment, service, software, supply-chain, tool, vulnerability
Starbucks is grappling with operational challenges after a ransomware attack on a third-party software provider, affecting the company’s ability to process employee schedules and payroll, according to Reuters. Last week, Blue Yonder, a UK-based supply chain software vendor serving Starbucks and other retailers, acknowledged experiencing service disruptions due to a ransomware attack. “Blue Yonder experienced disruptions to…
-
Starbucks, Grocery Stores Hit by Blue Yonder Ransomware Attack
in SecurityNews
Supply chain management software provider Blue Yonder has been targeted in a ransomware attack that caused significant disruptions for some customers.
First seen on securityweek.com
Jump to article: www.securityweek.com/starbucks-grocery-stores-hit-by-blue-yonder-ransomware-attack/
-
Blue Yonder Ransomware Attack Impacts Starbucks Multiple Supermarkets
in SecurityNews
A ransomware attack on Blue Yonder, a leading supply chain management software provider, has created ripples across global retail and manufacturing sectors, affecting major players like Starbucks and prominent UK supermarket chains. The breach, which occurred on November 21, underscores the cyber risks organizations face during the high-stakes holiday season. Blue Yonder provides critical supply…
-
Retailers struggle after ransomware attack on supply chain tech provider Blue Yonder
in SecurityNews
First seen on therecord.media
Jump to article: therecord.media/retailers-struggle-after-ransomware-attack-on-supply-chain-tech-company
-
Supply chain management vendor Blue Yonder succumbs to ransomware
in SecurityNews
And it looks like major UK retailers that rely on it are feeling the pinch
First seen on theregister.com
Jump to article: www.theregister.com/2024/11/26/blue_yonder_ransomware/
-
Blue Yonder ransomware attack disrupts grocery store supply chain
in SecurityNews
Supply chain management firm Blue Yonder is warning that a ransomware attack caused significant disruption to its services, with the outages impacting grocery store chains in the UK.
First seen on bleepingcomputer.com
Jump to article: www.bleepingcomputer.com/news/security/blue-yonder-ransomware-attack-disrupts-grocery-store-supply-chain/
-
Walking the Walk: How Tenable Embraces Its “Secure by Design” Pledge to CISA
in SecurityNews
Tags: access, application-security, attack, authentication, best-practice, business, cisa, cloud, conference, container, control, credentials, cve, cvss, cyber, cybersecurity, data, data-breach, defense, exploit, Hardware, identity, infrastructure, injection, Internet, leak, lessons-learned, mfa, open-source, passkey, password, phishing, risk, saas, service, siem, software, sql, strategy, supply-chain, theft, threat, tool, update, vulnerability, vulnerability-management
As a cybersecurity leader, Tenable was proud to be one of the original signatories of CISA’s “Secure by Design” pledge earlier this year. Our embrace of this pledge underscores our commitment to security-first principles and reaffirms our dedication to shipping robust, secure products that our users can trust. Read on to learn how we’re standing…
-
Ransomware hits supply chain software firm Blue Yonder ahead of Thanksgiving
in SecurityNews
The attack against Blue Yonder led to issues for Morrisons, a U.K.-based grocery chain, in its warehouse management system for fresh food and produce.
First seen on cybersecuritydive.com
Jump to article: www.cybersecuritydive.com/news/ransomware-supply-chain-blue-yonder-thanksgiving/733888/
-
npm Package Lottie-Player Compromised in Supply Chain Attack
in SecurityNews
npm package @lottiefiles/lottie-player hacked with malicious code, draining crypto wallets via web3 pop-ups
First seen on infosecurity-magazine.com
Jump to article: www.infosecurity-magazine.com/news/npm-package-lottieplayer-supply/
-
PyPI supply chain in the crosshairs: Kaspersky uncovered cyber attack
in SecurityNews
First seen on datensicherheit.de
Jump to article: www.datensicherheit.de/pypi-lieferkette-visier-kaspersky-aufdeckung-cyber-angriff
-
Microsoft Takes Down “ONNX” Phishing-as-a-Service Operation
in SecurityNews
Microsoft’s Digital Crimes Unit (DCU) has struck a significant blow against the cybercrime supply chain, seizing 240 fraudulent websites and disrupting a major player in the “Phishing-as-a-Service…
-
Going Beyond Secure by Demand
in SecurityNews
Secure by Demand offers a starting point for third-party risk management teams, but they need to take the essential step of using a mature software supply chain security solution to ensure they’re not blindly trusting a provider’s software.
First seen on darkreading.com
Jump to article: www.darkreading.com/vulnerabilities-threats/going-beyond-secure-by-demand
-
Cybersecurity Snapshot: Prompt Injection and Data Disclosure Top OWASP’s List of Cyber Risks for GenAI LLM Apps
in SecurityNews
Tags: access, advisory, ai, application-security, attack, backup, best-practice, breach, cisa, cloud, computer, cve, cyber, cyberattack, cybercrime, cybersecurity, data, exploit, extortion, firewall, framework, governance, government, group, guide, Hardware, incident, incident response, infrastructure, injection, intelligence, Internet, LLM, malicious, microsoft, mitigation, mitre, monitoring, network, nist, office, open-source, powershell, privacy, ransomware, regulation, risk, risk-management, russia, service, skills, software, sql, strategy, supply-chain, tactics, technology, theft, threat, tool, update, vulnerability, vulnerability-management, windows
Don’t miss OWASP’s update to its “Top 10 Risks for LLMs” list. Plus, the ranking of the most harmful software weaknesses is out. Meanwhile, critical infrastructure orgs have a new framework for using AI securely. And get the latest on the BianLian ransomware gang and on the challenges of protecting water and transportation systems against…
-
SEC charges 4 companies for downplaying SolarWinds attacks
in SecurityNews
The U.S. Securities and Exchange Commission fined the companies for misleading investors about intrusions stemming from the SolarWinds supply chain at…
First seen on techtarget.com
Jump to article: www.techtarget.com/searchsecurity/news/366614413/SEC-charges-4-companies-for-downplaying-SolarWinds-attack-risks
-
Securing the Foundation: The Critical Role of Hardware in Supply Chain Attacks
in SecurityNews
As enterprises increasingly focus on supply chain security, a critical yet often overlooked element remains: hardware security. Many organizations fail to address the risks associated with underlying hardware, either due to misconceptions or the perceived complexity of mitigation efforts.
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2024/11/securing-the-foundation-the-critical-role-of-hardware-in-supply-chain-attacks/
-
Securing the Software Supply Chain: Checkmarx One Expands its Offerings
in SecurityNews
Tags: ai, container, detection, exploit, programming, software, strategy, supply-chain, threat, tool
The software supply chain is under siege. Threat actors increasingly exploit weaknesses in code repositories, dependencies and mismanaged secrets to infiltrate and disrupt software development processes. In response, organizations are turning to robust strategies to safeguard their supply chains, including tools like SCA scanning, AI and container security, secrets detection and repository health monitoring. Checkmarx’s…
-
African Reliance on Foreign Suppliers Boosts Insecurity Concerns
in SecurityNews
Recent backdoor implants and cyber-espionage attacks on their supply chains have African organizations looking to diversify beyond Chinese, American tech vendors.
First seen on darkreading.com
Jump to article: www.darkreading.com/cyber-risk/african-reliance-on-foreign-suppliers-boosts-insecurity
-
Bipartisan Senate bill targets supply chain threats from foreign adversaries
in SecurityNews
The bill would strengthen oversight powers for the body charged with investigating IT products from China and other foes.
First seen on cyberscoop.com
Jump to article: cyberscoop.com/federal-acquisition-security-council-improvement-act-supply-chain-security/
-
Lessons From OSC&R on Protecting the Software Supply Chain
in SecurityNews
A new report from the Open Software Supply Chain Attack Reference (OSC&R) team provides a framework to reduce how much vulnerable software reaches production.
First seen on darkreading.com
Jump to article: www.darkreading.com/application-security/lessons-from-osc-r-on-protecting-the-software-supply-chain
-
Amazon Employee Data Compromised in MOVEit Breach
in SecurityNews
The data leak was not actually due to a breach in Amazon’s systems but rather that of a third-party vendor; the supply chain incident affected several other clients as well.
First seen on darkreading.com
Jump to article: www.darkreading.com/cloud-security/amazon-employee-data-compromised-moveit-breach
-
‘GoIssue’ Cybercrime Tool Targets GitHub Developers En Masse
in SecurityNews
Marketed on a cybercriminal forum, the $700 tool harvests email addresses from public GitHub profiles, priming cyberattackers for further credential theft, malware delivery, OAuth subversion, supply chain attacks, and other corporate breaches.
First seen on darkreading.com
Jump to article: www.darkreading.com/cloud-security/goissue-cybercrime-tool-github-developers-en-masse
-
New GoIssue Tool Targets GitHub Devs And Corporate Supply Chains
in SecurityNews
First seen on packetstormsecurity.com
Jump to article: packetstormsecurity.com/news/view/36585/New-GoIssue-Tool-Targets-GitHub-Devs-And-Corporate-Supply-Chains.html