A cyber-attack has been carried out against major German logistics provider Hellmann Worldwide Logistics.  The security incident forced Hellmann to take its central data center offline yesterday. Today, operations at the Osnabrück-based company remain disrupted.  Hellmann said that since the attack was discovered, it has been under the constant observation of its Global Crisis Taskforce, which is analyzing the incident. The company has also hired “external renowned security specialists” to investigate the attack. “As a precautionary…

Critical vulnerability in the popular logging library, Log4j 2, impacts a number of services and applications, including Minecraft, Steam and Apple iCloud. Attackers have begun actively scanning for and attempting to exploit the flaw. Background On December 9, researchers published proof-of-concept (PoC) exploit code for a critical vulnerability in Apache Log4j 2, a Java logging library used by a number of applications and services including but not limited to: Dubbed Log4Shell by researchers, the origin…

HackerOne reports that hackers are reporting more bugs and earning bigger bounties, but is an increase in testing or an increase in software vulnerabilities the cause of the jump? He just wants to help you find your bugs. Image: Shutterstock/Krakenimages.com Bug bounty hub HackerOne has announced that its user base of freelance bounty-hunting hackers have reported a whopping 66,000+ verified vulnerabilities in 2021, a 20% increase over last year’s total. What, exactly, could be going…

Research from Kaspersky finds that a quarter of phishing sites are gone within 13 hours — how in the world can we catch and stop cyber criminals that move so quickly? Image: Vladimir Obradovic, Getty Images/iStockphoto Research from cybersecurity firm Kaspersky has found that most phishing websites vanish or go inactive within days, giving us yet another reason to fear phishing: It’s fly-by-night, hard to track and happens in a flash.  Kaspersky’s in-depth analysis of…

The FBI has revealed that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations. A flash alert published by the FBI has reported that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations. “The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the…

The French cyber-security agency ANSSI said that the Russia-linked Nobelium APT group has been targeting French organizations since February 2021. The French national cybersecurity agency ANSSI (Agence Nationale de la Sécurité des Systèmes d’Information) revealed that the Russia-linked Nobelium APT group has been targeting French organizations since February 2021. Le CERT-FR vient de publier un rapport sur des campagnes d’hameçonnage du mode opératoire d’attaquants Nobelium contre des entités françaises menées depuis février 2021. Des indicateurs…

An investigation into the springtime cyber-attack on HSE Ireland has found that criminals spent two months inside the healthcare system’s computer network before deploying ransomware. The attack, which struck HSE Ireland with Conti ransomware in mid-May, forced the health service to take its IT systems offline, leading to the cancellation of multiple hospital appointments. An investigation into the cybercrime, launched by Ireland’s national police service, Gardai, led to the September seizure of several domains involved in the attack. …

Cyber-thieves hacked into the computer network of Swedish car manufacturer Volvo and exfiltrated research and development secrets. The carmaker posted a notice on its website yesterday stating that it had suffered a cybersecurity breach in which a limited amount of data was stolen.  Though the quantity of data swiped in the incident was small, Volvo warned that its loss may have an impact on the company’s operations.  Volvo did not disclose the date on which the attack took place,…