Blue Yonder Software Hack Impacting UK Grocery and FMCG Stores

Summary A ransomware attack on Blue Yonder, a supply chain software provider for major supermarkets and fast-moving consumer goods (FMCG) suppliers, has severely disrupted operations. Blue Yonder confirmed the attack impacted its private cloud services, which support demand forecasting, automated ordering, and warehouse and supply management. A task force, alongside with third-party cybersecurity firms, is…

Read More

New Report Analyzes Cyber Threats Facing Retail and Hospitality Industry During Holiday Season

VIENNA, VA (November 19, 2024) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) released its annual Holiday Season Cyber Threat Trends report, revealing that fraud and ransomware are expected to plague the threat landscape facing retailers, hospitality, and travel businesses during their busiest season. The report predicts that social engineering, ransomware, and…

Read More

Financially Motivated Threat Actor, SilkSpecter, Targeting Black Friday Shoppers

Summary In early October 2024, EclecticIQ analysts discovered a large-scale phishing campaign targeting e-commerce shoppers in Europe and the USA. This campaign, which capitalized on the heightened online shopping activity around Black Friday, is believed to have been orchestrated by a Chinese financially motivated threat actor, referred to as SilkSpecter. The campaign enticed victims with fake discounted…

Read More

Holiday 2024: The Bot Battle for Black Friday and Cyber Monday

The battle between humans and bots is heating up, with Black Friday and Cyber Monday standing as prime targets. Some “Black Friday” holiday shopping events have already begun. Based on Kasada’s 2023 findings, the trends observed last year offer valuable insights and preparation strategies for 2024. With threat actors more sophisticated than ever, retailers must…

Read More

Iranian TA455 Initiates Dream Job Campaign to Target Aviation and Other Critical Industries with Malware

Executive Summary Researchers from ClearSky Cyber Security has uncovered a new cyber espionage campaign attributed to TA455, a subgroup of the Iranian cyber threat actor known as Charming Kitten (also known as APT35). The cyber espionage campaign, which has been active since at least September 2023, has targeted critical industry sector entities in the aerospace, aviation, and…

Read More