The Latest
-
iStock Editorial / Getty Images Plus via Getty Images
Fortinet zero-day attack spree hits at least 50 customers
Active exploits of a critical vulnerability in FortiManager began in late June, Mandiant said. Firewall credentials and configuration data have been stolen.
-
simonkr via Getty Images
Despite improved workplace culture, tech workers still eye the door
Many tech professionals plan to quit in the next year despite being the most likely group to recommend their employers, according to EY.
-
qingwa via Getty Images
SEC settles charges with 4 firms it says downplayed SolarWinds hack exposure
The agency alleged Unisys, Avaya, Check Point Software and Mimecast misled investors about the extent of their respective cyber risks.
-
Permission granted by Gartner
4 ways AI could impact employees, workflows: Gartner
Technology leaders can expect AI to continue to raise questions around workforce shifts, privacy procedures and security techniques.
-
iStock via Getty via Getty Images
OpinionHow to implement attack surface management
ASM is a core component of exposure management that organizations can leverage to enhance vulnerability management.
-
Mark Wilson / Getty Images via Getty Images
FCC expands cooperation with states on data security, privacy enforcement
More states are working with the agency to investigate possible violations of consumer privacy and data security laws.
-
DKosig via Getty Images
Critical Veeam CVE actively exploited in ransomware attacks
Multiple ransomware groups targeted the vulnerability, which has a CVSS score of 9.8, more than a month after it was disclosed and patched by the data backup and recovery vendor.
-
Win McNamee via Getty Images
New legislation aims to tame ‘Wild West’ in healthcare cybersecurity
The proposed bill, introduced last month by Sens. Ron Wyden and Mark Warner, is a good step forward, but hospitals may need more funds to boost their cybersecurity practices, experts say.
-
Getty Images via Getty Images
CISOs are gaining influence among corporate leadership
A Deloitte Global report shows CISOs are involved in a growing set of strategic decisions about digital transformation, cloud and other technology issues.
-
nespix via Getty Images
Sophos to buy Secureworks in $859M push into XDR
The deal follows a marketwide push for vendor consolidation and a growing interest in more end-to-end offerings from a single provider.
-
Drew Angerer via Getty Images
Microsoft confirms partial loss of security log data on multiple platforms
The company previously expanded free access to security logs on several platforms, including Purview, following the 2023 state-linked hack of Exchange Online.
-
deberrar/Getty Images via Getty Images
Zero-day exploits swelled in 2023: Mandiant
Of the 138 actively exploited vulnerabilities disclosed in 2023 and later analyzed by the threat intelligence firm, 97 were exploited as zero-days.
-
Chip Somodevilla via Getty Images
US disables Anonymous Sudan infrastructure linked to DDoS attack spree
Authorities unsealed charges alleging two Sudanese nationals ran the hacktivist group, linked to major attacks against Microsoft and others.
-
LuisPortugal/Getty Images Plus via Getty Images
Iran-linked attackers hit critical infrastructure with brute force
CISA and the FBI warn healthcare, government, IT and other sectors of password spraying and multifactor authentication push bombing.
-
Permission granted by Carnegie Mellon University
FBI, CISA seek input on software security, configuration changes
Authorities are seeking public comment on steps the software industry can take to make their products more resistant to malicious threat activity.
-
Jeenah Moon via Getty Images
Microsoft reveals ransomware attacks against its customers nearly tripled last year
Despite the increase, the percentage of cyberattacks reaching the encryption stage continued to decline, according to a Microsoft study.
-
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by ismagilov via Getty Images
CISA adds SolarWinds flaw to exploited vulnerabilities catalog
A hardcoded credentials vulnerability in SolarWinds Web Help Desk lets attackers read and modify sensitive help desk ticket information.
-
Chip Somodevilla via Getty Images
Majority of global CISOs want to split roles as regulatory burdens grow
Trellix research shows rising cybersecurity demands from the SEC and other government bodies are pushing CISOs even closer to the edge.
-
Win McNamee via Getty Images
Lawmakers seek insight into China-linked attacks on telecom networks
Members of congress want to know when and how AT&T, Lumen and Verizon learned of the intrusions and what data the threat group accessed.
-
Just_Super via Getty Images
Critical CVE in 4 Fortinet products actively exploited
CISA added the format string vulnerability to its known exploited vulnerabilities catalog last week, months after it was first disclosed by the company.
-
.shock via Getty Images
Where organizations invest after a data breach
Asking customers to foot the bill for data breach remediation will not prevent future data breaches or address the issues that cause costs to increase.
-
Brandon Bell via Getty Images
Clorox says 2023 cyberattack hurt progress on 2030 plastic, waste reduction goals
The company is reassessing some sustainability goals, according to its latest annual report. Data shows the company stagnated on lowering virgin material and upping PCR in packaging.
-
Sara Samora/Cybersecurity Dive
American Water Works reconnecting systems a week after cyberattack
The water utility said there is no evidence of damage to its facilities, but law enforcement and forensic experts are still investigating.
-
Justin Sullivan via Getty Images
FTC settles yearslong investigation into Marriott’s ‘security failures’
The settlement caps a pattern of major data breaches at Marriott and its subsidiary Starwood Hotels and Resorts Worldwide over the last decade.
-
Nick van Bree via Getty Images
Cyber risk tops C-suite concerns heading into US election
A report by PwC shows American business leaders will continue to focus on data regulation, AI and technology investments regardless of which party prevails in November.
