All Okta support system customers caught in previously disclosed breach

The single sign-on provider significantly widened the scope of the attack two months after customers first reported suspicious activity on their Okta environments.

By Matt Kapko • Nov. 29, 2023

CISA warns of threat groups exploiting Unitronics PLCs in water treatment hacks

The Unitronics warning follows an Iran-linked hack of a Pennsylvania water treatment facility.

By David Jones • Updated Nov. 29, 2023

Explore the Trendline➔

Top 5 stories from Cybersecurity Dive

A wave of rules, regulations and federal action is putting pressure on businesses to shore up security amid a backdrop of emboldened threat actors has a nice ring to it.

By Cybersecurity Dive staff

Fidelity National Financial investigating cyberattack that led to service disruption

AlphV/BlackCat claimed responsibility for the attack on the title insurance giant, which is trying to determine whether the attack will have a material impact.

By David Jones • Nov. 27, 2023

SMBs hit by rise in legitimate tool-based attacks

Attackers are moving away from malware and evading detection by abusing remote monitoring and management software, according to Huntress research.

By Matt Kapko • Nov. 21, 2023

‘Honesty’: Estes details its playbook for responding to a cyberattack

Being open about the incident engendered goodwill from customers and colleagues, executives said.

By Colin Campbell • Nov. 20, 2023

Threat actors behind Las Vegas casino attacks are social-engineering mavens

Scattered Spider threat actors are attacking large companies and their IT help desks to steal data for extortion, according to federal cyber authorities.

By Matt Kapko • Nov. 17, 2023

Stanley Steemer hack breached data of almost 67K customers

The cleaning company said attackers gained access to its systems nearly a month before the intrusion was discovered in March.

By David Jones • Nov. 17, 2023

Clorox CISO departs months after cyberattack

The C-suite change comes in the aftermath of a cyberattack that damaged IT infrastructure, led to widespread disruption and negatively impacted earnings. 

By Lindsey Wilkinson • Nov. 16, 2023

5 Juniper CVEs actively exploited in the wild

The vendor warned the Junos OS vulnerabilities can be chained to remotely execute code.

By Matt Kapko • Nov. 15, 2023

Rackspace records $5M in expenses related to 2022 ransomware attack

The cloud services company expects insurance to cover its incident costs, however multiple lawsuits are still pending.

By David Jones • Nov. 14, 2023

File-transfer services, rich with sensitive data, are under attack

A trio of supply-chain attacks in 2023 created turmoil for thousands of corporate victims and their customers.

By Matt Kapko • Nov. 14, 2023

New York proposes ‘nation-leading’ hospital cybersecurity regulations

The rules, which would require facilities to develop response plans and hire a chief information security officer, aim to safeguard hospitals from growing threats and keep them operating during an attack.

By Emily Olsen • Nov. 13, 2023

Henry Schein says customer data breached in cyber incident

The company lowered its 2023 sales and earnings forecasts in response to the incident, which took some of its distribution systems offline.

By Elise Reuter • Nov. 13, 2023

Weeks after Boeing attack, ransomware group leaks allegedly stolen files

The company’s data was leaked two weeks after the prolific Russia-affiliated group, LockBit, claimed responsibility for the attack.

By Matt Kapko • Nov. 13, 2023

Dragos again targeted by ransomware group, this time from AlphV

The industrial cybersecurity specialist previously thwarted a shakedown attempt in May and says the current threat has not been substantiated.

By David Jones • Nov. 13, 2023

4 data-driven priorities for security leaders in 2024

According to a new report, security teams are struggling amid relentless cyberattacks and limited resources. What can leaders do to set their teams up for a more stable 2024?

Nov. 13, 2023

Chinese banking giant’s US arm hit by ransomware attack

The hack reportedly disrupted the trading of U.S. Treasuries. The Industrial and Commercial Bank of China Financial Services said it is investigating the attack and progressing recovery efforts.

By Anna Hrushka • Nov. 10, 2023

For Maine, the MOVEit attack is personal

With 1.3 million individuals compromised, the level of exposure on an individual basis is one that's representative of a compromise of its entire population.

By Matt Kapko • Nov. 10, 2023

Mr. Cooper customers’ data exposed by cyberattack

The mortgage servicing provider has yet to determine how many of its 4.3 million customers had data compromised or the extent of potential damage.

By Matt Kapko • Nov. 9, 2023

MGM Resorts anticipates no further disruptions from September cyberattack

The company expects insurance to cover more than $100 million in losses stemming from lost bookings and disruptions at its Las Vegas properties.

By David Jones • Nov. 9, 2023

Ransomware targeting casinos is on the rise, FBI warns

Threat actors have used phishing attacks and exploited vulnerabilities in third-party vendor remote access tools to target the casino gaming industry.

By Matt Kapko • Nov. 9, 2023

Cyberattack hits Singapore’s Marina Bay Sands hotel and casino

The Las Vegas Sands Corp.-owned property said the intrusion exposed the personal data of about 665,000 people.

By Matt Kapko • Nov. 8, 2023

Cyberattack hits Mr. Cooper, blocks millions of mortgage payments

The loan servicing giant shut down systems after it detected the intrusion and set up alternative methods for its 4.3 million customers to make payments.

By Matt Kapko • Nov. 7, 2023

Atlassian Confluence customers confront pair of critical vulnerabilities

Back-to-back vulnerabilities in the enterprise content collaboration and management workspace remain under active attack by threat actors.

By Matt Kapko • Nov. 7, 2023

Countries pledge to not pay ransoms, but experts question impact

There is no mandate to ban governments or businesses from paying ransom demands, but the pledge could be a step toward that outcome.

By Matt Kapko • Nov. 6, 2023