Schneider Electric, a world leader in industrial manufacturing, has fallen victim to a cyber attack affecting its Sustainability Business division. The attack has been attributed to a rising ransomware operation called “Cactus,” a relatively young but prolific group. The attack was limited to Schneider’s sustainability division, which provides software and consulting services to enterprises, and affected no safety-critical systems. However, the company faces potential repercussions if clients’ business data is leaked. Schneider Electric has not yet revealed the scope of the data that may have been lost, but one affected platform is Resource Advisor, which helps organizations track and manage their ESG, energy, and sustainability-related data. The Cactus ransomware gang has claimed responsibility for the attack, though Schneider Electric has not confirmed this attribution. Cactus is a relatively new ransomware group that relies on known vulnerabilities and off-the-shelf software for its attacks. Schneider Sustainability serves a broad range of organizations across more than 100 countries, including 30% of the Fortune 500. The company has already informed affected customers and expects business operations to return to normal soon. However, the incident highlights the risk posed by basic vulnerabilities, even among organizations with substantial cybersecurity budgets.
Schneider Electric faces ‘Cactus’ Ransomware
Latest from Blog
C/side raises 6 million to protect your website
Article Summary TLDR: C/side, a website security company, raised $6 million in recent investment rounds. The company specializes in securing scripts on websites to prevent cyber attacks. Belgian start-up C/side, founded by
Uncover ChatGPT in Google Workspace with our investigative guide
Article Summary TLDR: – OpenAI launched ChatGPT in 2022 with extensive permissions for Google Drive. – Nudge Security provides visibility into genAI integrations and helps mitigate security risks. Key Points: Connecting Google
Stay ahead in cybersecurity with Bernard Montel, Tenable’s latest trends
TLDR: Key Points: The global pandemic caused a shift to remote work and changed the cybersecurity landscape Ransomware, cloud security, IoT devices, and identity management are key cybersecurity trends In a recent
Unpaid open source maintainers face security risks with XZ Utils
TLDR: Open source maintainers facing security pressure after XZ Utils incident Report shows majority of maintainers are unpaid despite increased security standards Open source maintainers are facing heightened pressure to meet security
Chrome users tricked into giving up Google passwords by hackers
Article Summary TLDR: Hackers are using a new technique called StealC to force Chrome users to reveal their Google account passwords. Another threat called TrickMo pretends to be the Google Chrome app
Google Cloud Flaw Lets Attackers Run Code on Millions Servers
TLDR: A critical remote code execution (RCE) vulnerability in Google Cloud Platform (GCP) called CloudImposer was discovered and patched. The vulnerability affected multiple GCP services and could have allowed attackers to execute
Nvidia partners with CrowdStrike for cybersecurity program
Article Summary TLDR: Key Points: Nvidia has joined the CrowdStrike Cybersecurity Startup Program. The program includes partners from EMEA and the United States. Nvidia Joins CrowdStrike Cybersecurity Startup Program Nvidia has recently
Crowdstrike (CRWD) reigns as the top cybersecurity company
TLDR: Yahoo’s Cookie Policy Key Points: Yahoo is part of the Yahoo Brands family, which includes Yahoo and AOL. When using Yahoo sites and applications, cookies are used for various purposes such
Bounce back with a focus on identity in incident response
Article Summary TLDR: Incident response plans need to focus on identity breaches. An Identity-Focused Incident Response Playbook is essential for detecting, containing, and recovering from identity attacks. Article Summary: In the article
Get ready for grand opening of Richard E Neal Cybersecurity Center
TLDR: Congressman Richard Neal will open the Richard E. Neal Cybersecurity Center of Excellence in Springfield. The center will be a hub for training cybersecurity professionals and will collaborate with Springfield Technical