Industry News: ESG5

The Target:​ Sensata is a global industrial tech firm specializing in mission‑critical sensors, controls, and electrical protection systems. It serves the automotive, aerospace, and defense industries, among others, and has an annual revenue of over $4 billion.

The Take: The company is now notifying an undisclosed number of impacted individuals that the following data was stolen: Full name, address, Social Security Number (SSN), driver's license number, state ID card number, passport number, financial account information, payment card information, medical information, health insurance information, date of birth.

The Vector: Subsequent investigations into the incident supported by an external expert showed that the ransomware actors breached Sensata's network on March 28, 2025.

This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.

Read more...

2025-06-12

CSO Online: Experts quizzed by CSO said that the rapid adoption of emerging technologies — which comes with the downside of fresh vulnerabilities that cybercriminals can exploit — together with a widening skills gap is contributing to a deteriorating security outlook for small and midsize businesses (SMBs).

Read more...

2025-06-11

Cybersecurity Dive: An international law enforcement operation has dismantled the computer infrastructure powering multiple strains of information-stealer malware.

Read more...

2025-06-10

Cybersecurity Dive: Artificial intelligence is turbocharging hackers’ operations, from writing malware to preparing phishing messages. But generative AI’s much-touted impact has its limits, a cybersecurity expert said at an industry conference.

Read more...

2025-06-09

PYMNTS: Four financial industry trade associations said that federal agencies should limit their data collection to “only what is necessary” after a series of cybersecurity incidents targeted those agencies.

Read more...

2025-06-09

SecurityWeek: The Israeli company said the Series B raise included equity stakes for new backer Phoenix Financial and returning investors Glilot Capital Partners, SentinelOne, Hanaco Ventures, iAngels, GKFF Ventures and Lumir. 

Read more...

2025-06-09

Bleeping Computer: SentinelOne has shared more details on an attempted supply chain attack by Chinese hackers through an IT services and logistics firm that manages hardware logistics for the cybersecurity firm.

Read more...

2025-06-09

Dark Reading: A June 6 cybersecurity executive order from the Trump White House takes a couple of swipes at presidential predecessors Barack Obama and Joe Biden.

Read more...

The Target:​ As one of the largest newspaper groups in the United States, Lee Enterprises publishes 77 daily newspapers and 350 weekly and specialty publications across 26 states.

The Take: The information that could have been subject to unauthorized access and/or acquisition includes first and last name, as well as Social Security number.

The Vector: The investigation determined that information may have been accessed or acquired without authorization on February 3, 2025.

This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.

Read more...

2025-06-05

Cybersecurity Dive: President Donald Trump’s nominee for national cyber director spent his Senate confirmation hearing calling for bold action to repel hackers but ducking questions about the impact of the administration’s proposed cybersecurity funding cuts.

Read more...