Reading view

There are new articles available, click to refresh the page.

US sanctions Chinese cybersecurity firm for firewall hacks targeting critical infrastructure

The U.S. sanctioned a Chinese cybersecurity company and one of its employees for exploiting a zero-day vulnerability in Sophos firewalls to target U.S. organizations. On Tuesday, the U.S. Treasury Department said Guan Tianfeng, an employee of Sichuan Silence, used the vulnerability to compromise approximately 81,000 firewalls in April 2020. The hacking campaign, detailed by Sophos […]

© 2024 TechCrunch. All rights reserved. For personal use only.

US medical device giant Artivion says hackers stole files during cybersecurity incident

Artivion, a medical device company that manufactures implantable tissues for cardiac and vascular transplant applications, says its services have been “disrupted” due to a cybersecurity incident.  In an 8-K filing with the SEC on Monday, Georgia-based Artivion, formerly CryoLife, said it became aware of a “cybersecurity incident” that involved the “acquisition and encryption” of data […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Blue Yonder investigating data theft claims after ransomware gang takes credit for cyberattack

Supply chain software giant Blue Yonder says it is investigating claims of data theft after a ransomware gang threatened to publish troves of data stolen from the company.  Arizona-based Blue Yonder, which provides supply chain management software to thousands of organizations including DHL, Starbucks and Walgreens, was hit by a cyberattack on November 21. The […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Russian court sentences kingpin of Hydra drug marketplace to life in prison

A Russian court has issued a life sentence to a man found guilty of being the kingpin of a dark web drug marketplace that supplied more than a metric ton of narcotics and psychotropic substances to customers around the world.

On Monday, the court found that Stanislav Moiseyev oversaw Hydra, a Russian-language market that operated an anonymous website that matched sellers of drugs and other illicit wares with buyers. Hydra was dismantled in 2022 after authorities in Germany seized servers and other infrastructure used by the sprawling billion-dollar enterprise and a stash of bitcoin worth millions of dollars. At the time, Hydra was the largest crime forum, having facilitated $5 billion in transactions for 17 million customers. The market had been in operation since 2015.

One-stop cybercrime shop

“The court established that from 2015 to October 2018, the criminal community operated in various regions of the Russian Federation and the Republic of Belarus,” the state prosecutor’s office of the Moscow Region said. “The well-covered activities of the organized criminal group were aimed at systematically committing serious and especially serious crimes related to the illegal trafficking of drugs and psychotropic substances.”

Read full article

Comments

© Getty Images | Charles O'Rear

US government contractor ENGlobal says operations are ‘limited’ following cyberattack

ENGlobal Corporation, a provider of engineering and automation services to the U.S. energy sector and federal government, says it has restricted access to its IT systems following a cyberattack, limiting the company to essential business operations only. In an 8-K filing with the SEC on Monday, Texas-based ENGlobal said it became aware of a “cybersecurity […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Retail outages drag into second week after Blue Yonder ransomware attack

A ransomware attack on supply chain software giant Blue Yonder continues to cause disruption to the company’s customers, almost two weeks after the outage first began. In a brief update to its cybersecurity incident page on Sunday, Arizona-based Blue Yonder said it is making “good progress” in its recovery from the attack, which hit its […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Ransomware attack leaves Starbucks using pens and paper to track employee hours

A Starbucks barista handing off a reusable cup drink
Starbucks' payment and scheduling system has been hit with a ransomware attack, causing disruptions in employee pay, Business Insider has learned.

Starbucks

  • Starbucks' payment and scheduling system has been hit with a ransomware attack.
  • The coffee company issued guidance for workers about how to handle pay disruptions caused by the outage.
  • The outage at Blue Yonder, which makes the software, also impacted grocery stores and Fortune 500 firms.

The software company behind Starbucks' payment and scheduling system has been experiencing a dayslong ransomware attack, causing outages that are disrupting employee pay.

The attack on Blue Yonder, the company that makes the software, began on November 21 and has caused outages in Starbucks's system for tracking employee hours and payments.

According to documents reviewed by Business Insider, Starbucks has issued guidance to its employees about how to handle pay disruptions caused by the Blue Yonder outage. Starbucks told its employees that payment for the period ending on November 17 would be unaffected, but there may be discrepancies in the following pay period.

"We will ensure partners who receive less than their worked hours or intended sick and/or vacation time will be paid correctly, as soon as possible," the internal documents read.

The outage has forced employees to track their shifts using pens and paper, according to Bloomberg.

The documents viewed by BI indicate that employees who are missing pay from their checks should notify their store managers as soon as possible. Any underpayment will be resolved in the next pay period. Any payment overages resulting from an employee being paid for a scheduled shift from November 18 through November 24 that they did not report to work for will not be required to be paid back, the documents say.

A Starbucks partner in the South said their manager told them on Monday that employees who had paid time off planned for the affected weeks won't be paid for that time until the outage has been fixed.

That's "potentially very bad for some partners taking vacation around the holidays," the partner told Business Insider.

A spokesperson for Starbucks told Business Insider that the company is working to ensure its partners are paid for their hours worked with limited disruption, and indicated the outage has not disrupted customer-facing technology or service in any of its locations.

Blue Yonder's software is also used by major grocery store chains and Fortune 500 firms, CNN reported.

Similar cyber attacks have previously left companies like Sony and car dealerships across America using pen and paper for administrative tasks and sales transactions.

"Blue Yonder experienced disruptions to its managed services hosted environment, which was determined to be the result of a ransomware incident," a spokesperson for the company told Business Insider in a statement. "Since learning of the incident, the Blue Yonder team has been working diligently together with external cybersecurity firms to make progress in their recovery process. We have implemented several defensive and forensic protocols."

The software company does not currently have a timeline for resolution of the issue, according to a webpage the company has published for customers impacted by the attack.

Read the original article on Business Insider

❌