Cyberattacks: Page 16
-
stefanovsky via Getty Images
Hackers using TrueBot malware for phishing attacks in US, Canada, officials warn
Threat actors have been leveraging a known vulnerability in Netwrix Auditor to exfiltrate data from targeted entities since May.
By David Jones • July 7, 2023 -
Courtesy of Suncor
Suncor Energy confirms hackers breached Petro-Canada gas stations’ customer rewards data
The company, the largest integrated energy firm in Canada, said field operations were not impacted.
By David Jones • July 6, 2023 -
Explore the Trendline➔
BNMK0819 via Getty Images
TrendlineTop 5 stories from Cybersecurity Dive
A wave of rules, regulations and federal action is putting pressure on businesses to shore up security amid a backdrop of emboldened threat actors has a nice ring to it.
By Cybersecurity Dive staff -
DKosig via Getty Images
MOVEit vulnerability snags almost 200 victims, more expected
The education sector has been hit particularly hard as many widely used vendors in the space confirm impacts linked to the mass exploited vulnerability.
By Matt Kapko • July 5, 2023 -
Courtesy of Suncor
Petro-Canada reports service restoration after suspected Suncor breach
The gas station chain restored card payments, but hasn’t shared specific details about the disruption. The industry has been under threat from state-linked actors.
By David Jones • June 29, 2023 -
Courtesy of Suncor
Suncor Energy continues probe of cyber incident disrupting gas station payments
The incident came just days after authorities warned of possible attacks against the Canadian oil and gas sector.
By David Jones • June 28, 2023 -
David McNew/Getty via Getty Images
Cyberattack exposes data on nearly 9K American and Southwest Airlines pilot applicants
Two of the world’s largest airlines no longer use recruitment portal Pilot Credentials after a cyberattack at the end of April.
By Matt Kapko • June 27, 2023 -
iStock via Getty Images
MOVEit vulnerability ensnares more victims
Some organizations have been impacted due to their direct use of MOVEit while others have been exposed by third-party vendors.
By Matt Kapko • June 27, 2023 -
maciek905 via Getty Images
Cybercriminals target high-profit companies: AEI
Investors in recent years have responded faster to news about a cyberattack, the study, which encompasses more than two decades of cyber events, found.
By Jim Tyson • June 26, 2023 -
Jack Taylor via Getty Images
Big names disclose MOVEit-related breaches, including PwC, EY and Genworth Financial
More than 100 organizations have been hit as part of the MOVEit attack campaign, including PBI Research Services, which exposed millions of customer data files to theft.
By David Jones • June 23, 2023 -
Retrieved from Dole.
Dole says February ransomware attack breached data of almost 3,900 US workers
The fresh produce giant disclosed the data security impact in a filing with the Maine Attorney General.
By David Jones • June 22, 2023 -
Courtesy of Mondelēz International
Mondelēz retirement data breached after hacker targets law firm Bryan Cave
The company said a third-party actor stole sensitive customer data from the firm, impacting more than 51,000 current and former Mondelēz employees.
By David Jones • June 21, 2023 -
Bill Oxford via Getty Images
Progress Software faces federal class action lawsuits as MOVEit breach exposure widens
Louisiana residents allege their personal financial information was put at risk after the state's motor vehicles department had data exposed in the MOVEit data breach.
By David Jones • June 21, 2023 -
LUNAMARINA/iStock/Getty Images Plus via Getty Images
US puts $10M bounty on Clop as federal agencies confirm data compromises
Additional private sector companies have disclosed attacks after multiple vulnerabilities were found in MOVEit Transfer software.
By David Jones • June 20, 2023 -
Jeenah Moon via Getty Images
Microsoft confirms DDoS attacks caused Azure, OneDrive outages
The DDoS attacks, targeting layer 7, were designed to overwhelm application server infrastructure and are considered especially complex to detect.
By David Jones • Updated June 20, 2023 -
Naomi Eide/Cybersecurity Dive
Another MOVEit vulnerability found, as state and federal agencies reveal breaches
The third vulnerability since Progress Software first disclosed a MOVEit Transfer zero day arrived just as CISA officials said a “small number” of federal agencies were impacted.
By Naomi Eide • June 16, 2023 -
TU IS via Getty Images
Clop names a dozen MOVEit victims, but holds back details
As its deadline expired, the ransomware group released the first batch of victim organizations, most of which were U.S.-based, ReliaQuest found.
By Naomi Eide • June 15, 2023 -
vchal via Getty Images
MOVEit customers on high alert as Clop’s deadline expires
As more compromised organizations come forward, one risk analysis firm is pushing the timeline for the vulnerability back years.
By Matt Kapko • June 14, 2023 -
gorodenkoff via Getty Images
Fortinet urges firmware upgrades after critical vulnerability at risk of malicious attacks
The warning comes just weeks after the company was linked to the Volt Typhoon campaign against U.S. critical infrastructure targets.
By David Jones • June 13, 2023 -
Leon Neal via Getty Images
LastPass CEO reflects on lessons learned, regrets and moving forward from a cyberattack
Karim Toubba is ready to talk nearly a year after LastPass suffered a cyberattack that became one of the biggest security blunders of 2022.
By Matt Kapko • June 13, 2023 -
David Ramos via Getty Images
Microsoft investigating threat actor claims following multiple outages in 365, OneDrive
A hacktivist group known as Anonymous Sudan has claimed to be involved in DDoS attacks.
By David Jones • June 9, 2023 -
iStock/Getty Images Plus via Getty Images
Barracuda urges customers to replace compromised ESG appliances immediately
The retirement of all compromised ESG appliances is akin to an admission the company could not remove threat actor access and recover the devices for customers.
By Matt Kapko • June 9, 2023 -
Just_Super/Getty Images via Getty Images
Clop claims hundreds of MOVEit vulnerability victims
The prolific threat actor is responsible for two of the three high-profile, actively exploited vulnerabilities in file-transfer services so far this year.
By Matt Kapko • June 8, 2023 -
Sean Pavone via Getty Images
Dallas in the homestretch of ransomware attack recovery
Security operations and tools are also getting a refresh as city officials rebuild impacted systems and make upgrades across multiple departments.
By Matt Kapko • June 7, 2023 -
WhataWin via Getty Images
What we know about the MOVEit vulnerabilities and compromises
Active exploits already resulted in a follow-on attack that’s impacted multiple organizations. Threat hunters are on guard and anticipate more victims.
By Matt Kapko • Updated June 12, 2023 -
Ridofranz via Getty Images
Cybercriminals target C-suite, family members with sophisticated attacks
A study by BlackCloak and Ponemon shows senior executives are being targeted for IP theft, doxxing and extortion, often through home office networks.
By David Jones • June 5, 2023
Previous
