"Canadian powe company hit by cyberattack."
Views expressed in this cybersecurity, cyber espionage, and cyber crime update are those of the reporters. and correspondents. Accessed on 04 May 2025, 2134 UTC.
Content and Source: "The CyberWire Daily Briefing", 04 May 2025.
https://thecyberwire.com/newsletters/daily-briefing/14/84
Please check link or scroll down to read your selections. Thanks for joining us today.
Russ Roberts (https://www.hawaiicybersecurityjournal.net).
Daily Briefing for 05.02.25
Announcement
Live discussion: Strengthen Your Web App Defenses.
Web applications remain a top attack vector for cybercriminals, according to the latest Verizon DBIR. Join Outpost24’s Laura EnrÃquez and their Ghostlabs team for a live discussion with N2K CyberWire’s Dave Bittner on today’s web application threats, vulnerabilities, and practical strategies to strengthen your defenses. Don’t miss this expert conversation. Register now to join live or access it on-demand.
Web applications remain a top attack vector for cybercriminals, according to the latest Verizon DBIR. Join Outpost24’s Laura EnrÃquez and their Ghostlabs team for a live discussion with N2K CyberWire’s Dave Bittner on today’s web application threats, vulnerabilities, and practical strategies to strengthen your defenses. Don’t miss this expert conversation. Register now to join live or access it on-demand.
The real-world impact of the Microsoft for Startups Founders Hub.
This week on our Microsoft for Startups Spotlight at RSAC 2025, Microsoft’s Kevin Magee and N2K’s Dave Bittner spoke with startup veteran and Cygenta co-founder FC about making the leap from hacker to entrepreneur, then speak with three Microsoft for Startups members: Matthew Chiodi of Cerby, Travis Howerton of RegScale, and Karl Mattson of Endor Labs. Whether you are building your own startup or just love a good innovation story, listen in.
Summary
This week on our Microsoft for Startups Spotlight at RSAC 2025, Microsoft’s Kevin Magee and N2K’s Dave Bittner spoke with startup veteran and Cygenta co-founder FC about making the leap from hacker to entrepreneur, then speak with three Microsoft for Startups members: Matthew Chiodi of Cerby, Travis Howerton of RegScale, and Karl Mattson of Endor Labs. Whether you are building your own startup or just love a good innovation story, listen in.
At a glance.
- Canadian power company hit by cyberattack.
- UK luxury department store Harrods discloses attempted cyberattack.
- Ascension Health discloses another breach.
- California man pleads guilty to stealing Disney data.
- Canadian power company hit by cyberattack.
- UK luxury department store Harrods discloses attempted cyberattack.
- Ascension Health discloses another breach.
- California man pleads guilty to stealing Disney data.
Canadian power company hit by cyberattack.
Halifax-based electric utility Nova Scotia Power and its parent company Emera have shut down parts of their IT networks while responding to a cyberattack, SecurityWeek reports. The attack disrupted the utility's customer care phone line and online portal, but did not affect physical operations.
The companies stated, "There remains no disruption to any of our Canadian physical operations, including at Nova Scotia Power’s generation, transmission, and distribution facilities, the Maritime Link or the Brunswick Pipeline, and the incident has not impacted the utility’s ability to safely and reliably serve customers in Nova Scotia. There has been no impact to Emera’s US or Caribbean utilities."
CBC News reports that the utility is only responding to emergencies and outages, leaving some new customers unable to turn their power on.
Control what runs in your environment. Reduce your attack surface.ThreatLocker helps organizations reduce risk by allowing trusted applications to run while limiting their access to only the resources they need. It’s a straightforward, default deny approach that gives you more control and visibility—without slowing down operations. Explore how ThreatLocker can help simplify your security strategy.
Halifax-based electric utility Nova Scotia Power and its parent company Emera have shut down parts of their IT networks while responding to a cyberattack, SecurityWeek reports. The attack disrupted the utility's customer care phone line and online portal, but did not affect physical operations.
The companies stated, "There remains no disruption to any of our Canadian physical operations, including at Nova Scotia Power’s generation, transmission, and distribution facilities, the Maritime Link or the Brunswick Pipeline, and the incident has not impacted the utility’s ability to safely and reliably serve customers in Nova Scotia. There has been no impact to Emera’s US or Caribbean utilities."
CBC News reports that the utility is only responding to emergencies and outages, leaving some new customers unable to turn their power on.
ThreatLocker helps organizations reduce risk by allowing trusted applications to run while limiting their access to only the resources they need. It’s a straightforward, default deny approach that gives you more control and visibility—without slowing down operations. Explore how ThreatLocker can help simplify your security strategy.
UK luxury department store Harrods discloses attempted cyberattack.
London luxury department store Harrods has "restricted internet access" at its locations following an attempted cyberattack, the BBC reports. The company says its flagship store remains open, and customers can still shop online.
Two other major UK retailers, Marks & Spencer and Co-op, are currently recovering from disruptive cyberattacks. The UK's National Cyber Security Centre (NCSC) chief executive Dr. Richard Horne said in a statement, "The disruption caused by the recent incidents impacting the retail sector are naturally a cause for concern to those businesses affected, their customers, and the public. The NCSC continues to work closely with organisations that have reported incidents to us to fully understand the nature of these attacks and to provide expert advice to the wider sector based on the threat picture."
Horne added, "These incidents should act as a wake-up call to all organisations. I urge leaders to follow the advice on the NCSC website to ensure they have appropriate measures in place to help prevent attacks and respond and recover effectively."
Only the Right Users, Only the Right Access—Is Your Security Strong Enough?Secure Access is crucial for U.S. Public Sector missions, ensuring that only authorized users can access certain systems, networks, or data - are your defenses ready? Cisco's Security Service Edge delivers comprehensive protection for your network and users. Experience the power of zero trust and secure your workforce, wherever they are. Elevate your security strategy by visiting: cisco.com/go/sse.
London luxury department store Harrods has "restricted internet access" at its locations following an attempted cyberattack, the BBC reports. The company says its flagship store remains open, and customers can still shop online.
Two other major UK retailers, Marks & Spencer and Co-op, are currently recovering from disruptive cyberattacks. The UK's National Cyber Security Centre (NCSC) chief executive Dr. Richard Horne said in a statement, "The disruption caused by the recent incidents impacting the retail sector are naturally a cause for concern to those businesses affected, their customers, and the public. The NCSC continues to work closely with organisations that have reported incidents to us to fully understand the nature of these attacks and to provide expert advice to the wider sector based on the threat picture."
Horne added, "These incidents should act as a wake-up call to all organisations. I urge leaders to follow the advice on the NCSC website to ensure they have appropriate measures in place to help prevent attacks and respond and recover effectively."
Secure Access is crucial for U.S. Public Sector missions, ensuring that only authorized users can access certain systems, networks, or data - are your defenses ready? Cisco's Security Service Edge delivers comprehensive protection for your network and users. Experience the power of zero trust and secure your workforce, wherever they are. Elevate your security strategy by visiting: cisco.com/go/sse.
Ascension Health discloses another breach.
US health system Ascension is informing some patients that their medical data was breached after hackers compromised a third-party vendor in December 2024, the Register reports. The breached data involved personal information, including Social Security numbers, as well as medical information. The medical data included "[i]nformation related to inpatient visits, such as the place of service; physician name, admission and discharge dates; diagnosis and billing codes; medical record number; and insurance company name."
Ascension sustained a separate breach in May 2024 after it was hit by the Black Basta ransomware gang.
US health system Ascension is informing some patients that their medical data was breached after hackers compromised a third-party vendor in December 2024, the Register reports. The breached data involved personal information, including Social Security numbers, as well as medical information. The medical data included "[i]nformation related to inpatient visits, such as the place of service; physician name, admission and discharge dates; diagnosis and billing codes; medical record number; and insurance company name."
Ascension sustained a separate breach in May 2024 after it was hit by the Black Basta ransomware gang.
California man pleads guilty to stealing Disney data.
A 25-year-old California man named Ryan Kramer has pleaded guilty to accessing Disney's internal Slack channels and stealing over a terabyte of data, BleepingComputer reports. According to the US Justice Department, Kramer created a Trojanized AI art generation program, which was downloaded by a Disney employee. Kramer obtained the employee's Slack credentials and scraped data from thousands of Disney's Slack channels. After failing to extort the company, the defendant eventually published the data online.
Kramer pleaded guilty to two felony charges, each of which carries a maximum sentence of five years in prison.
A 25-year-old California man named Ryan Kramer has pleaded guilty to accessing Disney's internal Slack channels and stealing over a terabyte of data, BleepingComputer reports. According to the US Justice Department, Kramer created a Trojanized AI art generation program, which was downloaded by a Disney employee. Kramer obtained the employee's Slack credentials and scraped data from thousands of Disney's Slack channels. After failing to extort the company, the defendant eventually published the data online.
Kramer pleaded guilty to two felony charges, each of which carries a maximum sentence of five years in prison.
Notes.
Today's issue includes events affecting Canada, the United Kingdom, and the United States.
Sponsored EventsWebinar: On the state of modern Web Application Security (Virtual, May 13, 2025) Join our webinar to learn more about cyber risks lurking in the ever-evolving web application threat landscape and discover why web applications remain top targets for cybercriminals and how to efficiently identify business critical vulnerabilities.Webinar: Trends in Identity Attack Path Management (Virtual, May 15, 2025) Join SpecterOps for an in-depth discussion around all things Attack Path Management and Identity Security. Results from a global survey asking more than 500 IT decision-makers about their Identity security practices will be previewed to attendees.Selected Reading
Today's issue includes events affecting Canada, the United Kingdom, and the United States.
Attacks, Threats, and Vulnerabilities
Pro-Russia hacktivists bombard Dutch public orgs with DDoS attacks (BleepingComputer) Russia-aligned hacktivists persistently target key public and private organizations in the Netherlands with distributed denial of service (DDoS) attacks, causing access problems and service disruptions.
Pro-Russia hacktivists bombard Dutch public orgs with DDoS attacks (BleepingComputer) Russia-aligned hacktivists persistently target key public and private organizations in the Netherlands with distributed denial of service (DDoS) attacks, causing access problems and service disruptions.
Marketplace
Day 4 Recap: Closing Celebration with Jamie Foxx, RSAC™ College Day, and What's Ahead for 2026 (RSAC) Notable announcements from the week include: ProjectDiscovery being named RSAC™ Conference 2025’s Most Innovative Startup; Blue41, Sybil, and The Hacking Games wowing the Launch Pad judges; and Burt Kaliski, Amit Yoran (posthumously), Shai Halevi, and Victor Shoup taking home some hardware as part of the RSAC™ Conference Annual Awards.
Day 4 Recap: Closing Celebration with Jamie Foxx, RSAC™ College Day, and What's Ahead for 2026 (RSAC) Notable announcements from the week include: ProjectDiscovery being named RSAC™ Conference 2025’s Most Innovative Startup; Blue41, Sybil, and The Hacking Games wowing the Launch Pad judges; and Burt Kaliski, Amit Yoran (posthumously), Shai Halevi, and Victor Shoup taking home some hardware as part of the RSAC™ Conference Annual Awards.
Litigation, Investigation, and Law Enforcement
TikTok fined $600 million for China data transfers that broke EU privacy rules (AP News) European Union privacy watchdogs have fined TikTok 530 million euros ($600 million). They say a four-year investigation found that the video sharing app’s data transfers to China breached strict data privacy rules.
Three Brits charged over US, Canada swattings (The Register) : UK starts prosecution days after FBI vowed to clamp down on the crime
US wants to cut off key player in Southeast Asian cybercrime industry (The Record) The Treasury Department issued the proposed rulemaking Thursday, stating that Huione Group has helped launder funds from North Korean state-backed cybercrime operations and investment scams originating in Southeast Asia.
Industry EventsFor a complete running list of events, please visit the Event Tracker.
TikTok fined $600 million for China data transfers that broke EU privacy rules (AP News) European Union privacy watchdogs have fined TikTok 530 million euros ($600 million). They say a four-year investigation found that the video sharing app’s data transfers to China breached strict data privacy rules.
Three Brits charged over US, Canada swattings (The Register) : UK starts prosecution days after FBI vowed to clamp down on the crime
US wants to cut off key player in Southeast Asian cybercrime industry (The Record) The Treasury Department issued the proposed rulemaking Thursday, stating that Huione Group has helped launder funds from North Korean state-backed cybercrime operations and investment scams originating in Southeast Asia.
For a complete running list of events, please visit the Event Tracker.
Events
CYSAT (Paris, France, May 14 - 15, 2025) In today’s society, we heavily rely on space-based assets, and considering the continuously evolving cyber threats in the current geopolitical environment, securing space data is a major challenge. Since 2021, CYSEC has been organizing CYSAT to bring together all the players in the space cybersecurity domain.
CyberWiseCon Europe 2025 (Vilnius and virtual, Lithuania, May 21 - 23, 2025) CyberWiseCon is a premier IT security conference that brings together cybersecurity experts, industry leaders, and IT professionals from around the Europe.
NICE Conference (Denver, Colorado, USA, Jun 1 - 4, 2025) The NICE Conference is the annual convening of community members and thought leaders from education, government, industry, and non-profits to explore ways of developing a skilled cybersecurity workforce ready to meet the challenges of the future. This event provides an opportunity to share best practices from around the world and across sectors in order to build the workforce we need to confront cybersecurity risks today and in years to come.
2025 Space Regulatory Bootcamp (Albuquerque and Virtual, New Mexico, USA, Jun 10 - 11, 2025) ACSP's Bootcamps educate new and established space professionals on must-know fundamentals and arm them for success. The 2025 Space Regulatory Bootcamp, hosted in Albuquerque, New Mexico, is a two day comprehensive industry deep dive with advanced training and meaningful networking. Learn directly from leading subject matter experts on topics including space law, export controls, space telecommunications, government contracting, and more.
AWS re:Inforce 2025 (Philadelphia, Pennsylvania, USA, Jun 16 - 18, 2025) AWS re:Inforce is our annual, immersive, cloud-security learning event delivering hands-on training and collaboration with AWS experts. It’s your opportunity to learn about the latest AWS security innovations, get direct access to the AWS teams and partners who build the security tools you rely on, and connect with cloud security peers from around the world. You’ll leave with actionable next steps to raise your security posture.
Sponsor & SupportGrow your brand, generate leads, and fill your funnel.With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listeners all over the world, companies trust the CyberWire to get the message out. Learn more.
CYSAT (Paris, France, May 14 - 15, 2025) In today’s society, we heavily rely on space-based assets, and considering the continuously evolving cyber threats in the current geopolitical environment, securing space data is a major challenge. Since 2021, CYSEC has been organizing CYSAT to bring together all the players in the space cybersecurity domain.
CyberWiseCon Europe 2025 (Vilnius and virtual, Lithuania, May 21 - 23, 2025) CyberWiseCon is a premier IT security conference that brings together cybersecurity experts, industry leaders, and IT professionals from around the Europe.
NICE Conference (Denver, Colorado, USA, Jun 1 - 4, 2025) The NICE Conference is the annual convening of community members and thought leaders from education, government, industry, and non-profits to explore ways of developing a skilled cybersecurity workforce ready to meet the challenges of the future. This event provides an opportunity to share best practices from around the world and across sectors in order to build the workforce we need to confront cybersecurity risks today and in years to come.
2025 Space Regulatory Bootcamp (Albuquerque and Virtual, New Mexico, USA, Jun 10 - 11, 2025) ACSP's Bootcamps educate new and established space professionals on must-know fundamentals and arm them for success. The 2025 Space Regulatory Bootcamp, hosted in Albuquerque, New Mexico, is a two day comprehensive industry deep dive with advanced training and meaningful networking. Learn directly from leading subject matter experts on topics including space law, export controls, space telecommunications, government contracting, and more.
AWS re:Inforce 2025 (Philadelphia, Pennsylvania, USA, Jun 16 - 18, 2025) AWS re:Inforce is our annual, immersive, cloud-security learning event delivering hands-on training and collaboration with AWS experts. It’s your opportunity to learn about the latest AWS security innovations, get direct access to the AWS teams and partners who build the security tools you rely on, and connect with cloud security peers from around the world. You’ll leave with actionable next steps to raise your security posture.
Comments
Post a Comment
Please leave a comment about our recent post.