Firm doesn’t know when it’ll restart salty goodness deliveries
Some of Britain’s favourite pub munch could end up in short supply after KP Snacks, makers of nuts and crisps, suffered a ransomware attack.
A family pack perfectly normal single serving of KP dry roasted peanuts
Kenyon Produce, to give the company its formal name, wrote to small shops around the UK saying it had been infected with ransomware on 28 January, as reported by industry news site Better Retailing.
The letter said:
The company said it didn’t know when the attack would be resolved.
Bleeping Computer reported they’d seen leak pages showing that the attackers were the WizardSpider ransomware gang, known for unleashing their signature Conti ransomware in a paralysing attack last year on the Republic of Ireland’s state-run health service.
KP was allegedly given five days by the extortionists to pay a ransom. So far the ransom sum demanded is not known. Representatives of KP had not answered phonecalls seeking comment.
John Vestberg, chief exec of Swedish network security firm Clavister, praised KP’s “transparency and diligence”, saying: “KP reacted in a rapid and considered fashion. Where other companies have previously failed and succumbed to paying huge ransoms, KP brought third party experts on in the earliest stages to help minimise damage and drive a forensic investigation that could be passed over to the relevant authorities.”
- Scottish Environment Protection Agency refuses to pay ransomware crooks over 1.2GB of stolen data
- Lock up your Office macros: Emotet botnet back from the dead with Trickbot links
- Hey, Walkers. What’s the difference between crisps and chips? Answer: You can’t get either of them
- Macmillan best-biscuit list unexpectedly promotes breakfast cereal to treat status
- Hey, Walkers. What’s the difference between crisps and chips?
- UK arm of international charity the Salvation Army hit by ransomware attack
- Irish Health Service ransomware attack happened after one staffer opened malware-ridden email
“This sharing of information is one way that cybercriminals such as these attackers can be tracked down and stopped from causing more destruction in future,” he added.
The damage caused to a fast-moving consumer goods (FMCG) firm such as KP Snacks by a ransomware attack is likely to be severe. FMCG logistics, particularly in foodstuffs, are not known for their long lead times. Meanwhile, ransomware attacks can take weeks or months to fully clean up: if the ransom isn’t paid, networks need to be rebuilt from scratch before being populated with data from backups.
Over the last two years ransomware gangs have concentrated on the soft underbelly of the West: medical and pharmaceutical companies.
A recent Wired feature on Trickbot revealed that gang’s thinking: “fuck clinics in the USA this week” said one criminal in an online chat seen by the magazine. ®
Other stories you might like
-
Stop Big Tech extracting ‘monopolist rent’ from app developers? US Senate to vote on it
Billions in profits at stake for Apple and Google’s money-making machines
The US Senate Judiciary Committee on Thursday voted to pass the Open App Markets Act, despite intense lobbying from Apple and Google.
The bill, S.2710 [PDF], limits the kinds of restrictions major app platforms can impose on competitors, developers, and customers, will now be considered by a full Senate vote.
If approved, along with its companion bill H.R. 5017 [PDF] introduced in the House of Representatives last year, and then signed by President Biden, the legislation will remake an app economy that generates well over $100bn annually.
-
Privacy Shield: EU citizens might get right to challenge US access to their data
Are we nearly there yet?
Officials from the EU and US are nearing a solution in long-running negotiations over transatlantic data sharing.
Previous legal arrangements for sharing data between the two jurisdictions, the so-called Privacy Shield, were struck down by the EU Court of Justice in what became known as the Schrems II ruling in 2020.
The decision had ramifications for US cloud providers, social media sites, and providers of online tools which are still becoming clear. Although it had been commonly held that standard contractual clauses (SCCs) may offer a way to continue to share data legally, that was also in doubt. Earlier this month, the Austrian data protection authority ruled that those arrangements were insufficient for data sharing.
-
Phishing kits’ use of man-in-the-middle reverse proxies is growing, warns Proofpoint
Spoof site looks real because it is… but you’re not talking to who you think
In the beginning we had passwords. Their hackability made a lot of people very angry and passwords were widely regarded as a bad move. Then we had two-factor authentication – and now Proofpoint reckons criminals online are able to start bypassing them with transparent reverse proxies.
Phishing kits, readymade deployables used by crooks to steal victims’ login details, are increasingly capable of bypassing multi-factor authentication (MFA), the company warned today.
In a blog post Proofpoint said it sees “numerous MFA phishing kits ranging from simple open-source kits with human readable code and no-frills functionality to sophisticated kits utilizing numerous layers of obfuscation and built-in modules that allow for stealing usernames, passwords, MFA tokens, social security numbers and credit card numbers.”
-
Out of beta and ready for data: 64-bit Raspberry Pi OS is here
Now you just need a compatible device…
The Raspberry Pi Foundation has officially released the 64-bit version of the Linux-based OS Formerly Known As Raspbian.
A year and nine months after the beta was announced, the 64-bit version of the Raspberry Pi OS is ready for download.
If you’re still rocking an older Pi, be aware that the first few models had 32-bit-only CPUs. The new 64-bit OS won’t run on a Pi 1, Pi 2, or Pi Zero.
-
JumpCloud joins the patch management crowd, starting with Windows and Mac updates
Linux and mobile coming soon
Cloud directory specialist JumpCloud is moving into the crowded patch management market with an extension to its platform to automate patch updates.
Companies such as Apple or Microsoft already have varying levels of patch management tools in their armoury. JumpCloud’s take, like its directory platform, straddles devices with a centralised view across a company’s estate.
The first release will take care of Windows and Mac, with Linux following by the end of the first quarter of 2022.
-
Former tech CIO jailed for setting up £475k backhander scam with IT outsourcing firm
One-time head of Hampshire Police IT gets six years
A pro-outsourcing CIO whose first act at a new employer was to set up a £475,000 backhander scheme has been jailed for six years.
Brian Chant, 62, took the bribes after joining procurement services firm Achilles in 2011, Southwark Crown Court heard.
One of the first things he did was recommend outsourcing of various IT functions, suggesting three companies to Achilles’ board for the £22m SPTL and Systems Plus IT contracts.
-
OpenStack-to-the-edge darling StarlingX hits 6.0, makes useful config tweaks
Open-source, full-stack edge and industrial IoT software moves to Linux kernel 5.10
StarlingX, an open-source platform for edge computing based on OpenStack, has hit release 6.0 with a Linux Kernel upgrade plus security and deployment enhancements to make it easier to manage systems.
The StarlingX project offers a complete software stack for edge and IoT deployments, with support for code running in containers or virtual machines. It was started by Intel and Wind River, but is now an independent project supported by the Open Infrastructure Foundation, with code available under the Apache 2 licence.
Companies using StarlingX in production systems include T-Systems, Verizon and Vodafone, with the code freely available to download from the StarlingX website.
-
Exasol pledges to help customers avoid cloud bill shock with new DBaaS
Distributed in-memory system more efficient than other cloud data warehouses, vendor claims
Distributed in-memory analytics specialist Exasol has launched a database-as-a-service claiming its approach to parallel processing could help reduce nasty shocks in cloud fees.
According to the vendor, users buying the software-as-a-service get the ability to scale both vertically and horizontally while Exasol manages hot and cold data between the object store, local SSDs, and main memory. The back end is AWS, with which Exasol has a “deep technical partnership.”
Launching a DBaaS is very much a “me too” move for a database firm. MariaDB, for example, launched SkySQL, a MySQL-derived system, in 2020. In analytics, Snowflake has long been a managed service.
-
Jeff Bezos adds some more overheads to his $485m yacht by taking down historic bridge
Rotterdam can’t get over it
When buying a 40m-tall, three-mast luxury yacht is like you or I popping to the corner shop for a Freddo, what does it matter if a 144-year-old bridge has to be dismantled to get the thing out of the shipyard?
-
Execs keep flinging money at us instead of understanding security, moan infosec pros
Oh what a problem to have
Fresh from years of complaining about underfunding and not having enough staff to deal with problems, infosec bods are now complaining that corporate execs merely firehose cash at them without getting their own hands dirty or engaging with the problem.
That’s one conclusion that could be drawn from a Trend Micro study published yesterday. Around half of businesses surveyed are spending more on “cyber attacks” than they used to, it said, while a similar number reckon their C-suites don’t know what “cyber risk management” means – possibly something about ensuring monitors are firmly bolted to desks.
“Low C-suite engagement combined with increased investment suggests a tendency to ‘throw money’ at the problem rather than develop an understanding of the cybersecurity challenges and invest appropriately,” intoned Trend Micro.
-
Update ‘designed to improve user experience’ takes down the Microsoft 365 Admin Portal
Redmond’s quality control shines once more
Updated Microsoft’s legendary approach to quality was demonstrated this morning as the Microsoft 365 Admin Portal fell over.
Without a hint of irony, the company posted: “We’ve identified a recent service update designed to improve user experience is causing impact.”
The impact in question was an inability to access the admin portal, something unlikely to affect an end user pootling around in Excel, but a huge headache for an administrator trying to manage their tenant.
Note: This article have been indexed to our site. We do not claim legitimacy, ownership or copyright of any of the content above. To see the article at original source Click Here
Premier Protein Shake, Chocolate, 30g Protein 1g Sugar 24 Vitamins Minerals Nutrients to Support Immune Health, 11.5 fl oz (Pack of 12)
$29.98 (as of July 4, 2024 21:15 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Apple AirTag 4 pack
$76.79 (as of July 4, 2024 21:15 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Fruit of the Loom Men's Eversoft Cotton Stay Tucked Crew T-Shirt
$16.48 (as of July 4, 2024 21:15 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
FOSJGO 2.4 Gal(9L) Collapsible Dish Basin with Drain Plug,Space Saving Multiuse Foldable Sink Tub,Dishpan,Kitchen Sink for Camping,Plastic Tub,Vegetable Washing,Beverage Tubs
$16.99 (as of July 4, 2024 21:17 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
