Krispy Kreme says cybersecurity incident is impacting online orders in US 

Doughnut chain Krispy Kreme said on Wednesday that unauthorized activity on a portion of its information technology systems has disrupted certain operations, including online ordering in the United States 

Source: https://www.reuters.com/technology/cybersecurity/krispy-kreme-says-cybersecurity-incident-is-impacting-online-orders-us-2024-12-11/ 

Deloitte Responds After Ransomware Group Claims Data Theft 

Deloitte has issued a statement in response to a ransomware group’s claims regarding the theft of a significant amount of information belonging to the company. 

Source:  https://www.securityweek.com/deloitte-responds-after-ransomware-groups-claims-data-theft/ 

Blue Yonder SaaS giant breached by Termite ransomware gang 

The Termite ransomware gang has officially claimed responsibility for the November breach of software as a service (SaaS) provider Blue Yonder. 

Source: https://www.bleepingcomputer.com/news/security/blue-yonder-saas-giant-breached-by-termite-ransomware-gang/   

Anna Jaques Hospital ransomware breach exposed data of 300K patients 

Anna Jaques Hospital has confirmed on its website that a ransomware attack it suffered almost precisely a year ago, on December 25, 2023, has exposed sensitive health data for over 310,000 patients. 

Source: https://www.bleepingcomputer.com/news/security/anna-jaques-hospital-ransomware-breach-exposed-data-of-300k-patients/ 

Romanian energy supplier Electrica hit by ransomware attack 

Electrica Group, a key player in the Romanian electricity distribution and supply market, is investigating a ransomware attack that was still “in progress” earlier this week. 

Source: https://www.bleepingcomputer.com/news/security/romanian-energy-supplier-electrica-hit-by-ransomware-attack/  

Ransomware attack hits leading heart surgery device maker 

Artivion, a leading manufacturer of heart surgery medical devices, has disclosed a November 21 ransomware attack that disrupted its operations and forced it to take some systems offline. 

Source: https://www.bleepingcomputer.com/news/security/ransomware-attack-hits-leading-heart-surgery-device-maker/ 

Ivanti warns of maximum severity CSA auth bypass vulnerability 

Ivanti has warned customers about a new maximum-severity authentication bypass vulnerability in its Cloud Services Appliance (CSA) solution. 

Source: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-maximum-severity-csa-auth-bypass-vulnerability/

446,000 Impacted by Center for Vein Restoration Data Breach 

Vein care provider Center for Vein Restoration is notifying over 446,000 individuals that their personal, medical, and financial information was compromised in a recent cyberattack. 

Source: https://www.securityweek.com/446000-impacted-by-center-for-vein-restoration-data-breach/ 

Atrium Health Data Breach Impacts 585,000 People 

Healthcare company Atrium Health has notified the US Department of Health and Human Services (HHS) that a recently discovered data breach impacts more than 585,000 individuals. 

Source: https://www.securityweek.com/atrium-health-data-breach-impacts-585000-people/ 

New Windows 0Day Attack Confirmed—Homeland Security Says Update Now 

Microsoft has confirmed a zero-day security vulnerability that can open up Windows devices to full system compromise is under active exploitation. The cyberattack has also been confirmed by the U.S. Cybersecurity and Infrastructure Security Agency, part of the Department of Homeland Security. 

Source: https://www.forbes.com/sites/daveywinder/2024/12/11/new-windows-0day-attack-confirmed-homeland-security-says-update-now/   

Smarttech247