Yazılar

Suspected Russian Hackers Use Sophisticated New Tactic to Target UK Researcher

/in /tarafından

Suspected Russian hackers deployed a novel and highly convincing tactic to trick British researcher Keir Giles into compromising his own accounts, according to Giles and cybersecurity experts.

Last month, the hackers impersonated a U.S. State Department official named “Claudie Weber” who contacted Giles via email to arrange a meeting requiring use of a secure government app. Although the email came from a Gmail address, the communication was fluent, idiomatic, and included apparent State Department colleagues copied on the exchange. Giles, a seasoned expert on Russia and espionage, was usually wary but was eventually deceived by the professionalism and persistence over nearly two weeks.

Giles provided an app-specific password—a credential that grants third-party app access but can bypass regular password protections—thus exposing his account.

Alphabet’s Google attributed the attack to the Russian government, citing similarities to prior campaigns. The Russian Foreign Ministry did not respond to inquiries. Giles described the operation as seamless, with no obvious red flags even in hindsight.

Cybersecurity researchers from Citizen Lab noted the attack’s fluency might indicate the use of advanced AI, such as large language models, to craft convincing messages—marking a significant upgrade from typical error-ridden phishing attempts. They also pointed out that the hackers exploited the lack of error messages when sending emails to fake State Department addresses.

This sophisticated social engineering attack highlights evolving cyber threats where even cautious experts can be deceived by carefully orchestrated campaigns.

The U.S. State Department did not immediately comment on the incident.

Marks & Spencer Resumes Online Orders After 46-Day Cyberattack Shutdown

/in /tarafından

British retailer Marks & Spencer (M&S) has resumed online orders for its clothing range after a 46-day suspension due to a cyberattack. The company’s shares rose 3.5% following the restart of standard home deliveries in England, Scotland, and Wales for most clothing items.

An M&S spokesperson noted that not all products are currently available online, with the initial focus on best-selling and new items. The retailer plans to expand the available product selection daily. Deliveries to Northern Ireland, as well as click-and-collect, next-day, nominated-day, and international delivery services, are expected to resume in the coming weeks.

M&S halted clothing and home orders through its website and app on April 25 after technical issues during the Easter holiday weekend disrupted contactless payments and click-and-collect services. The company had initially disclosed managing a “cyber incident” on April 22.

Last month, M&S projected that online disruptions would continue into July and estimated the financial impact at approximately £300 million ($404 million) in lost operating profit for the 2025/26 financial year. However, the company aims to reduce this loss through insurance claims and cost-cutting measures. The cyberattack also interfered with M&S’s supply chain, hindering its ability to stock stores during a period of high demand driven by warm weather.

Industry analysts anticipate that the upcoming end-of-season sale will feature larger inventories and deeper discounts than usual. Despite Tuesday’s share price recovery, M&S shares remain 9.5% lower since the cyberattack was first reported.

The breach occurred when hackers exploited a vulnerability by deceiving employees at a third-party contractor, allowing them to bypass M&S’s digital security measures. In response, M&S plans to use this incident as an opportunity to accelerate technological upgrades.

In recent weeks, several global retailers have reported similar cyber incidents, including UK grocer the Co-op Group, German sportswear brand Adidas, luxury jeweller Cartier, and U.S. lingerie retailer Victoria’s Secret.

United Natural Foods Cyber Incident Disrupts Operations, Affects Whole Foods Supply

/in /tarafından

United Natural Foods Inc (UNFI), a major U.S. grocery distributor supplying clients including Whole Foods, experienced a cyber incident that forced it to take certain internal systems offline, temporarily disrupting its ability to fulfill and distribute customer orders.

The company disclosed in a June 9 SEC filing that it proactively shut down some systems after detecting unauthorized activity on its networks on June 5. While specifics of the incident were not disclosed, the disruption has caused operational delays expected to continue for a time.

Shares of United Natural fell sharply on Monday, closing down nearly 7% at $25.94 amid concerns over the incident’s impact.

A Whole Foods spokesperson confirmed efforts to restock shelves promptly but referred further questions to United Natural Foods.

This incident follows a series of recent cyberattacks affecting major retailers in the U.S. and UK, including Marks & Spencer, Co-op, Harrods, and Victoria’s Secret. While United Natural has not confirmed the nature of the unauthorized activity, similar disruptions have frequently involved ransomware attacks, where criminals encrypt company data and demand ransom payments.

United Natural Foods is the largest publicly traded distributor focused on “healthier food options” across the U.S. and Canada and recently secured an eight-year extension as primary distributor for Amazon-owned Whole Foods. The company reported $8.2 billion in net sales for the 13 weeks ending February 1, 2025.

The FBI has not commented on the incident.