Cyberattacks: Page 10
-
D3Damon via Getty Images
Zero-day exploits hit CrushFTP, researchers expect rapid exploitation
CrushFTP CEO Ben Spink said the company isn’t aware of any data theft thus far, but researchers see echoes of MOVEit exploits and other high-profile file-transfer vulnerabilities.
By Matt Kapko • April 24, 2024 -
Courtesy of UnitedHealth Group
UnitedHealth admits it paid a ransom in Change Healthcare attack
The insurer also confirmed Monday that more than 20 screenshots of potentially stolen patient data were posted on the dark web for about a week.
By Emily Olsen • Updated April 24, 2024 -
DKosig via Getty Images
Palo Alto Networks quibbles over impact of exploited, compromised firewalls
The security vendor downplayed the impact of exploit activity, describing most attempts as unsuccessful, but outside researchers say 6,000 devices are vulnerable.
By Matt Kapko • April 23, 2024 -
Philipp Tur/Getty Images Plus via Getty Images
Mitre R&D network hit by Ivanti zero-day exploits
Exploits of Ivanti VPN products have hit roughly 1,700 organizations. To Mitre, guidance from the vendor and government fell short.
By Matt Kapko • April 22, 2024 -
NicoElNino via Getty Images
Frontier Communications hit by cyberattack, IT systems impacted
The telecom provider said a cybercrime group intruded its IT infrastructure and gained access to PII. The operational disruption following its containment "could be considered material."
By Matt Kapko • April 19, 2024 -
iStock/Getty Images Plus via Getty Images
Palo Alto Networks warns firewall exploits are spreading
Attempted exploits and attacks linked to the zero-day vulnerability, which has a CVSS of 10, grew after proof of concepts were released.
By Matt Kapko • April 18, 2024 -
LuisPortugal/Getty Images Plus via Getty Images
Cisco Duo MFA message logs exposed in third-party breach
About 1% of the MFA and single sign-on provider’s business customers are impacted. An attacker intruded the third-party vendor’s systems via phishing.
By Matt Kapko • Updated Aug. 26, 2024 -
Courtesy of UnitedHealth Group
UnitedHealth expects up to $1.6B hit from Change cyberattack this year
Investors on Tuesday got a clearer picture of the cyberattack's financial fallout on the healthcare juggernaut. Some said it wasn't as bad as they'd feared.
By Rebecca Pifer • April 16, 2024 -
3000ad via Getty Images
Federal agencies caught sharing credentials with Microsoft over email
U.S. government agencies are in jeopardy of Russia-linked cyberattacks, and although CISA isn’t aware of any compromised environments, officials warn the risk is exigent.
By Matt Kapko • April 12, 2024 -
Andrew Brookes
Mandiant spots advanced exploit activity in Ivanti devices
The incident response firm identified eight threat groups targeting the remote access VPNs and observed evolved post-exploitation activity.
By Matt Kapko • April 9, 2024 -
Schweikert, John. (2022). [Photograph]. Retrieved from U.S. Courts.
Change Healthcare asks to consolidate dozens of cyberattack class-action lawsuits
Lawsuits against the UnitedHealth subsidiary are racking up following a cyberattack against the technology firm in late February.
By Emily Olsen • April 9, 2024 -
Just_Super via Getty Images
D-Link tells customers to sunset actively exploited storage devices
The networking hardware vendor advised owners of the affected devices to retire and replace them. There is no patch available for the vulnerability.
By Matt Kapko • April 8, 2024 -
Techa Tungateja via Getty Images
Omni Hotels & Resorts hit by cyberattack
The hotel chain has been responding to the attack since March 29, when it shut down some of its systems.
By Noelle Mateer • April 8, 2024 -
gorodenkoff via Getty Images
Ivanti pledges security overhaul after critical vulnerabilities targeted in lengthy exploit spree
CEO Jeff Abbott said significant changes are underway. The beleaguered company committed to improve product security, share learnings and be more responsive to customers.
By David Jones • April 4, 2024 -
Jeenah Moon via Getty Images
Microsoft Exchange state-linked hack entirely preventable, cyber review board finds
The technology giant’s corporate culture fell short on security investments and risk management, and needs significant reforms, according to a damning report by the U.S. Cyber Safety Review Board.
By David Jones • April 3, 2024 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA asserts no data stolen during Ivanti-linked attack on the agency
Threat actors gained access to and potentially compromised two CISA systems weeks after the agency applied Ivanti’s initial mitigation measures.
By Matt Kapko • April 2, 2024 -
iStock / Getty Images Plus via Getty Images
Hospital groups question HHS about data breach reporting after Change Healthcare attack
In a Thursday letter, the American Hospital Association urged the HHS’ Office of Civil Rights to reduce “duplicative” breach notifications from the cyberattack.
By Susanna Vogel • March 25, 2024 -
Sponsored by Palo Alto Networks
From silos to synergy: how IT-OT integration strengthens industrial cybersecurity
Disconnects between IT and OT teams hinder stronger cybersecurity; it’s time to flip the script. IT and OT teams hinder stronger cybersecurity; it’s time to flip the script.
By Qiang Huang, Vice President of product management, cloud delivered security services of Palo Alto Networks • March 25, 2024 -
Getty Plus via Getty Images
Threat groups hit enterprise software, network infrastructure hard in 2023
Recorded Future observed an approximately threefold increase in actively exploited high-risk vulnerabilities in enterprise software and network infrastructure, such as VPNs.
By Matt Kapko • March 22, 2024 -
Retrieved from Jen Easterly/CISA.
Novel variant of wiper linked to Viasat attack during Ukraine war raises new fears
Researchers at SentinelLabs warn the new variant, called AcidPour, could place IoT, networking devices at risk.
By David Jones • March 22, 2024 -
Ruben Sprich/Reuters
Change Healthcare’s drawn-out recovery catches flak from cyber experts
At least 100 services remain offline four weeks after the UnitedHealth Group detected an intrusion in its medical claims clearinghouse. Experts say the impacts are unprecedented.
By Matt Kapko • March 21, 2024 -
mohd izzuan via Getty Images
Change Healthcare cyberattack could damage credit at small providers: Fitch
Smaller companies may already have worse credit ratings and could struggle with cash flow disruptions caused by the outage.
By Emily Olsen • March 21, 2024 -
NicoElNino via Getty Images
Five Eyes implores critical infrastructure execs to take China-linked threats seriously
Officials are pushing tips to help potential victims detect and mitigate Volt Typhoon’s evasive techniques as the was warnings take on urgency.
By Matt Kapko • March 20, 2024 -
Kevin Dietsch via Getty Images
More warnings emerge about state-linked cyber threats to water infrastructure
The White House and EPA set an urgent virtual meeting with state homeland security and other top officials, citing efforts to boost the resiliency of drinking and wastewater treatment systems.
By David Jones • March 20, 2024 -
Photo illustration: Industry Dive; US Securities and Exchange Commission
How companies describe cyber incidents in SEC filings
The words businesses use in cybersecurity disclosures matter. They can channel confidence in the recovery process, potential impacts and legal liabilities.
By Matt Kapko • March 19, 2024
Previous
