Cyberattacks
BeyondTrust says 17 customers impacted by December cyberattack spree
State-linked hackers were linked to a series of attacks that led to the theft of unclassified data from the Treasury Department.
By David Jones • Jan. 24, 2025
Attackers lodge backdoors into Ivanti Connect Secure devices
Shadowserver scans found 379 compromised Ivanti Connect Secure devices. Researchers said the situation is serious and likely impacts more organizations.
By Matt Kapko • Jan. 24, 2025
Trendline
Top 5 stories from Cybersecurity Dive
A wave of rules, regulations and federal action is putting pressure on businesses to shore up security amid a backdrop of emboldened threat actors.
By Cybersecurity Dive staff
Ivanti zero-days chained together in at least 3 attacks, authorities warn
The vendor’s customers have confronted multiple attack sprees targeting zero-days spanning a variety of products.
By Matt Kapko • Jan. 23, 2025
Government payments contractor Conduent confirms cyberattack impacts multiple states
The incident led to delays in processing child support payments in Wisconsin.
By David Jones • Jan. 23, 2025
Google Cloud links poor credentials to nearly half of all cloud-based attacks
Cloud services with weak credentials were a prime target for attackers, often resulting in lateral movement attempts, a Google Cloud report found.
By Matt Kapko • Jan. 22, 2025
PowerSchool data breach brings claims of negligence, poor cyber hygiene
The K-12 software company is facing legal pushback and criticism following a cyberattack that impacted a still unknown number of districts.
By Anna Merod • Jan. 22, 2025
CISA clocked Salt Typhoon in federal networks before telecom intrusions
Outgoing CISA Director Jen Easterly didn’t say what agencies were impacted by Salt Typhoon or when, but noted it provided greater visibility into the active campaign.
By Matt Kapko • Jan. 16, 2025
Ivanti zero-day has researchers scrambling
Threat hunters are on high alert as 900 Ivanti Connect Secure instances remain unpatched and vulnerable to exploitation, according to Shadowserver.
By Matt Kapko • Jan. 13, 2025
Hack of Rhode Island social services platform impacted at least 709K, officials say
State officials received reports from Deloitte and a third-party forensic firm showing the threat to the database has been mitigated and restoration efforts are underway.
By David Jones • Jan. 10, 2025
4 cybersecurity trends to watch in 2025
Critical industries are up against never before seen challenges to remain secure and operational, while regulatory pressures have completely upended the role of the CISO in corporate America.
By David Jones, Matt Kapko • Jan. 9, 2025
Ivanti customers confront new zero-day with suspected nation-state nexus
The latest attacks come one year after a threat group exploited a pair of zero-days in the same Ivanti product.
By Matt Kapko • Jan. 9, 2025
AT&T, Verizon say they evicted Salt Typhoon from their networks
Two of the largest telecom providers in the U.S. said the China-government sponsored threat group is no longer embedded in their networks.
By Matt Kapko • Jan. 7, 2025
CISA says hack targeting Treasury Department did not impact other federal agencies
BeyondTrust says an investigation of a December attack spree is nearing completion and SaaS instances are fully patched. Hackers used a stolen key to attack Treasury workstations.
By David Jones • Jan. 7, 2025
Censys researchers warn 8,600 BeyondTrust instances still exposed
As authorities investigate a December attack spree, the researchers added the caveat that not all instances are considered vulnerable.
By David Jones • Jan. 3, 2025
Hackers leaked data from Rhode Island ransomware attack, officials warn
A criminal threat group had previously threatened to leak sensitive data from a Deloitte-managed social services database.
By David Jones • Jan. 2, 2025
Treasury Department says state-linked hacker gained access to unclassified data in major attack
The compromise of agency workstations is linked to a previously disclosed compromise of certain BeyondTrust customers.
By David Jones • Dec. 31, 2024
White House says 9th telecom company hit in Salt Typhoon spree
A senior official blamed the intrusions on lax security and said in one case the compromise of a single administrator account led to access of over 100,000 routers.
By Matt Kapko • Dec. 27, 2024
BeyondTrust customers hit by wave of attacks linked to compromised API key
The cybersecurity vendor said an attacker compromised its access-management tool and reset customer passwords.
By Matt Kapko • Dec. 20, 2024
Flagstar fined $3.5M for ‘misleading’ after 2021 cyberattack
The bank “negligently made” materially misleading statements after a hack that resulted in the theft of 1.5 million customers’ personally identifiable information.
By Gabrielle Saulsbery • Dec. 19, 2024
CISA mobile security advice gets personal in wake of telecom intrusions
The agency’s recommendations are not for the technically inept. Yet the extraordinary measures, including the use of encrypted apps, are applicable to all audiences.
By Matt Kapko • Dec. 19, 2024
Pennsylvania representative pitches bill to double cyber assistance for local water systems
The proposed legislation comes amid a surge in ransomware and state-linked attacks against U.S. water utilities.
By David Jones • Dec. 17, 2024
Cleo releases new patch as threat groups ramp up exploitation of critical CVE
Researchers warned that companies primarily in the trucking, food, retail and shipping industries were under attack.
By David Jones • Dec. 12, 2024
Blue Yonder helps restore operations for majority of impacted customers
Starbucks regained access to its employee scheduling platform, while authorities continue to probe claims by a threat group.
By David Jones • Dec. 12, 2024
Krispy Kreme online ordering disrupted by cyberattack
Following an attack on a portion of its IT systems, the chain said it was working to restore online ordering. In-store operations were not impacted.
By Julie Littman • Dec. 11, 2024
SEC cyber incident reporting rule generates 71 filings in 11 months
Most companies that disclosed cyber incidents to the agency did not describe materiality or other useful information, a BreachRx report found.
By Matt Kapko • Dec. 11, 2024