CommonSpirit Health confirms it was hit by ransomware attack

The health system is still grappling with the cyberattack more than a week after disclosing an unspecified “IT security incident.” 

By Samantha Liss • Oct. 13, 2022

Lloyd’s at ‘advanced point’ in network investigation, remains mum on the details

The organization has remained tight-lipped on the nature of its unusual network activity — including the root cause — but it has moved quickly to isolate systems.

By Naomi Eide • Oct. 7, 2022

Explore the Trendline➔

Top 5 stories from Cybersecurity Dive

A wave of rules, regulations and federal action is putting pressure on businesses to shore up security amid a backdrop of emboldened threat actors has a nice ring to it.

By Cybersecurity Dive staff

LA schools system downplays impact of leaked data

Screenshots of files stolen and leaked by Vice Society paint a worrying scenario, contradicting some of the district’s assertions.

By Matt Kapko • Oct. 6, 2022

Lloyd’s cuts external connections after identifying ‘unusual’ network activity

The organization, which boasts significant influence in insurance, including cyber coverage mandates, did not disclose the nature of the activity.

By Naomi Eide • Oct. 5, 2022

CommonSpirit Health says it experienced ‘IT security incident’ in multiple regions

One of the nation's largest health systems, CommonSpirit operates 140 hospitals and more than 1,500 sites of care across 21 states.

By Samantha Liss • Oct. 4, 2022

Los Angeles schools’ data leaked after ransomware attack

Vice Society posted data it claims to have stolen during the Labor Day weekend attack. The district refused to respond to the threat actor’s ransom demand.

By Matt Kapko • Oct. 3, 2022

State and local governments report spike in ransomware attacks

The public sector is hit less often than other industries, but it contends with more post-attack damage, according to Sophos.

By Matt Kapko • Oct. 3, 2022

Vice Society raises ransomware pressure on Los Angeles school district

The ransomware group, which has hit at least eight school systems this year, threatened to publish stolen data from the district next Monday.

By Matt Kapko • Sept. 30, 2022

State-linked actor targets VMware hypervisors with novel malware

The technique was discovered by Mandiant researchers looking into a campaign designed to avoid EDR detection.

By David Jones • Sept. 29, 2022

US organizations hit by almost half of all ransomware since 2020

American exceptionalism extends to ransomware as organizations based in the U.S. suffered the greatest number of attacks, ahead of Canada and the U.K. 

By Matt Kapko • Sept. 28, 2022

Australia’s telecom giant Optus avoids ransom demand as attacker reverses course

The threat actor ramped up pressure by leaking data on the Australian company’s customers, then quickly backed down for unknown reasons.

By Matt Kapko • Sept. 27, 2022

American Airlines phishing attack involved unauthorized access to Microsoft 365

The airline has begun disclosing additional details to state regulators, confirming more than 1,700 people were impacted.

By David Jones • Sept. 26, 2022

Australia’s second-largest wireless carrier suffers major cyberattack

Optus pinned the blame on a sophisticated threat actor and expressed concern about potential phishing attacks against its customers.

By Matt Kapko • Sept. 23, 2022

Malicious OAuth applications used to control Exchange tenants in sweepstakes scam

Microsoft researchers said a threat actor launched credential-stuffing attacks against high-risk accounts that failed to deploy multifactor authentication.

By David Jones • Sept. 23, 2022

Ransom demand escalates fallout from Los Angeles schools cyberattack

The Los Angeles school district hasn’t responded to the demand, following the advice of federal authorities. The stakes are high as sensitive data may hang in the balance.

By Matt Kapko • Sept. 21, 2022

American Airlines targeted by threat actor in July data incident

The airline has notified customers about the potential release of personal data, but said there is no evidence of the data being misused. 

By David Jones • Sept. 20, 2022

Uber details how it got hacked, claims limited damage

While there's no evidence the rideshare company's codebase was altered, the attacker did gain access to Slack, vulnerability reports and financial data.

By Matt Kapko • Sept. 19, 2022

Threat actor breaches many of Uber’s critical systems

After duping an employee into providing their password, the attacker claims it gained access to Uber’s cloud infrastructure and sensitive data.

By Matt Kapko • Sept. 16, 2022

Cloud security pros expect elevated risk for serious data breaches

Just one out of five cybersecurity and engineering professionals escaped the previous year without incident.

By Matt Kapko • Sept. 14, 2022

Healthcare cyberattacks led to worse patient care, increased mortality, study finds

Delayed procedures and tests were the most commonly reported consequences of healthcare cyberattacks, according to a study from the Ponemon Institute and Proofpoint. 

By Hailey Mensik • Sept. 13, 2022

Energy providers hit by North Korea-linked Lazarus exploiting Log4j VMware vulnerabilities

Cisco Talos researchers observed the advanced persistent threat actor infiltrating networks during a six-month campaign.

By Matt Kapko • Sept. 13, 2022

How do I monitor privileged accounts?

Are you monitoring your privileged accounts? Start here to shield your organization against attacks.

By Tony Goulding • Sept. 12, 2022

CISA announces RFI for critical infrastructure cyber reporting mandate

The agency plans to publish the information request in the Federal Register on Monday and will kick off a national listening tour.

By David Jones • Sept. 9, 2022

CISA issues advisory after vulnerabilities found on Baxter infusion pumps

The weaknesses could allow attackers to access WiFi data and make the device unavailable.

By Nick Paul Taylor • Updated Sept. 8, 2022

Healthcare fintechs targeted by cybercriminals

Cybersecurity professionals say healthcare payments processing firms are particularly vulnerable to information technology breaches and ransomware attacks.

By Joe Burns • Sept. 8, 2022