Worries mount for MOVEit vulnerability, as likelihood of compromise expands

MOVEit has customers across highly regulated industries, exemplifying the potential damage among government, finance and healthcare organizations.

By Matt Kapko • June 5, 2023

MOVEit zero-day vulnerability under active exploit, data already stolen

Mandiant found evidence of attacks over Memorial Day weekend and said it’s possible earlier instances of exploitation may still be uncovered.

By Matt Kapko • June 1, 2023

Explore the Trendline➔

Top 5 stories from Cybersecurity Dive

A wave of rules, regulations and federal action is putting pressure on businesses to shore up security amid a backdrop of emboldened threat actors has a nice ring to it.

By Cybersecurity Dive staff

Barracuda zero-day vulnerability exploited for 7 months before detection

The latest disclosure increases the potential for widespread compromise for customers using the security vendor’s email security gateway appliances.

By Matt Kapko • May 31, 2023

Moody’s cites credit risk from state-backed cyber intrusions into US critical infrastructure

Key sectors could face short-term revenue impacts and long-term reputational harm and litigation risk, the credit ratings service said.

By David Jones • May 31, 2023

ABB confirms ransomware attack resulted in data theft

The Switzerland-based industrial automation giant said customer systems were not directly impacted. Key services and factories remain operational.

By Matt Kapko • May 30, 2023

PyPI to mandate 2FA by the end of 2023

The mandate is part of a larger effort to prevent account takeover attacks.

By David Jones • May 30, 2023

Royal messes with Texas

A trio of ransomware attacks targeting the Dallas metro area have the hallmarks of a targeted campaign. They also underscore a very real problem: society is becoming desensitized to disruption.

By Matt Kapko • May 26, 2023

Broad campaign underway to access US critical infrastructure using small, home office devices

A state-linked actor, Volt Typhoon, is attempting to gain a foothold across U.S. networks amid rising tensions in the Pacific, Microsoft and the Five Eyes authorities said.

By David Jones • May 25, 2023

CISA updates ransomware guide 3 years after its debut

The #StopRansomware guide, updated in partnership with the FBI, NSA and MS-ISAC, reflects aggressive new techniques used by threat actors, including double extortion.

By David Jones • May 24, 2023

SMBs, regional MSPs under fire from targeted phishing attacks

Sophisticated cybercriminals are attacking vulnerable target rich and resource poor organizations to reach secondary victims via phishing campaigns, Proofpoint researchers warn.

By Matt Kapko • May 24, 2023

Dallas under pressure as Royal ransomware group threatens leak

By listing Dallas on its leak site on the dark web, Royal rebutted the city’s claims that data was not compromised during the attack.

By Matt Kapko • May 22, 2023

Dole incurs $10.5M in direct costs from February ransomware attack

The attack impacted about half of Dole's legacy company’s servers and one-quarter of its end-user computers.

By David Jones • May 18, 2023

UMass Memorial agrees to pay $1.2M to settle FLSA claims stemming from Kronos attack

A ransomware attack took the UKG product offline for weeks and has spawned several lawsuits.

By Kate Tornone • May 18, 2023

Dallas courts still closed 2 weeks post-ransomware attack

Continued outages also prevent police from accessing data, which is severely impacting efforts to reduce crime as summer approaches, Police Chief Eddie Garcia said.

By Matt Kapko • May 17, 2023

Yum Brands faces class action suits from employees after ransomware attack

The Taco Bell and KFC operator is facing litigation after some personal data of company employees was stolen in the attack.

By David Jones • May 16, 2023

VMware’s ‘target-rich environment’ is growing more volatile, CrowdStrike warns

Ransomware groups continue to target VMware because they know the virtualization infrastructure is vulnerable and lacks security tools, threat researchers said.

By Matt Kapko • May 16, 2023

Emerging ransomware group quickly hits 4 critical infrastructure providers

The financially motivated threat actor attacked organizations in manufacturing, finance, insurance and pharmaceuticals within a week of its debut. 

By Matt Kapko • May 15, 2023

Western Digital cyberattack not expected to have material impact on future earnings

The company is coordinating with law enforcement while it continues a forensic investigation. 

By David Jones • May 15, 2023

Costs of software supply chain attacks could exceed $46B this year

Losses attributed to software supply chain attacks will jump 76%, reaching almost $81 billion by 2026, according to Juniper Research.

By Matt Kapko • May 12, 2023

PaperCut actively exploited by multiple threat actors, targeting education sector

Education is a key market for the print management software, which threat actors have targeted since mid-April. 

By Matt Kapko • May 12, 2023

Criminal actors switch tactics after Microsoft began to block macros last year

Researchers from Proofpoint have seen a rise in HTML smuggling, PDFs and OneNote files for malware delivery since late 2022.

By David Jones • May 12, 2023

Flood of ransom payments continues as officials mull ban

The revived debate over the viability of a ransom payment ban comes down to the cost ransomware is causing organizations globally.

By Matt Kapko • May 11, 2023

Dragos says it thwarted extortion bid by known ransomware threat group

The hackers accessed limited information by impersonating a new employee, and the cybersecurity firm warns some stolen data may be leaked.

By David Jones • May 11, 2023

It’s becoming more common for ransomware to lock up data

Data encryption is at four-year high, despite scenarios where threat actors skip encryption and lean on data theft and extortion, according to Sophos.

By Matt Kapko • May 10, 2023

Dallas restores core emergency dispatch systems

“At this point, we do not have evidence or indication that there has been data removed during this attack,” Dallas CIO Bill Zielinski told city officials Monday.

By Matt Kapko • May 9, 2023