Cybercriminals strike understaffed organizations on weekends and holidays

Cybereason research found organizations are short-staffed on holidays and weekends, even though that's when attackers are likely to strike.

By Matt Kapko • Nov. 18, 2022

Critical infrastructure providers ask CISA to place guardrails on reporting requirements

Top companies and industry groups fear incident reporting mandates would overwhelm CISA with noise. 

By David Jones • Nov. 16, 2022

Nokia warns 5G security ‘breaches are the rule, not the exception’

A majority of 5G network operators experienced up to six cyber incidents in the past year. Defenses are especially lacking for ransomware and phishing attacks.

By Matt Kapko • Nov. 16, 2022

Mondelē​​z settlement in NotPetya case renews concerns about cyber insurance coverage

The legal dispute between the snack giant and insurer Zurich American, which lasted four years, raises further questions about how insurers cover acts of cyber war.

By David Jones • Nov. 8, 2022

Precise ransomware strikes boost threat actors’ success rate

Threat actors are amassing specialized skills and tools from a broader group of cybercriminals to target organizations with more sophisticated tactics.

By Matt Kapko • Nov. 8, 2022

No, your CEO is not texting you

Everyone wants to stay on good terms with their employer. Threat actors know this too, and they exploit this weakness accordingly. Don’t fall for it.

By Matt Kapko • Nov. 3, 2022

CommonSpirit taps new CIO with military background after cyberattack

NewYork-Presbyterian’s Daniel Barchi will take the new position starting Monday, just one month after the hospital chain suffered a high-profile ransomware attack. 

By Samantha Liss • Nov. 2, 2022

After the CommonSpirit ransomware attack: Why healthcare M&A is a ‘huge’ cybersecurity risk

The security incident comes three years after the health system’s megamerger, which potentially made it vulnerable to an attack, security experts say.

By Samantha Liss • Oct. 27, 2022

Vice Society’s ransomware playbook, queries for potential victims leaked

The group may follow similar tactics to other threat actors, but its branded extensions make it stand apart, Microsoft researchers found.

By Matt Kapko • Oct. 26, 2022

Ransomware activity persists, but lags 2021 highs

Ransomware attacks are trending upward of late but not at 2021 levels.

By Matt Kapko • Oct. 25, 2022

Cybersecurity quarterly benchmarks: Q1, 2022

Gartner Peer Insights data and opinions run the gamut on cybersecurity maturity, budgets, and initiatives.

Oct. 24, 2022

4 tips to protect IT employees from phishing attacks

No one is perfect, and that includes your IT professionals. Here's what security experts say could help mitigate human error.

By Lindsey Wilkinson • Oct. 14, 2022

CommonSpirit Health confirms it was hit by ransomware attack

The health system is still grappling with the cyberattack more than a week after disclosing an unspecified “IT security incident.” 

By Samantha Liss • Oct. 13, 2022

Lloyd’s at ‘advanced point’ in network investigation, remains mum on the details

The organization has remained tight-lipped on the nature of its unusual network activity — including the root cause — but it has moved quickly to isolate systems.

By Naomi Eide • Oct. 7, 2022

LA schools system downplays impact of leaked data

Screenshots of files stolen and leaked by Vice Society paint a worrying scenario, contradicting some of the district’s assertions.

By Matt Kapko • Oct. 6, 2022

Lloyd’s cuts external connections after identifying ‘unusual’ network activity

The organization, which boasts significant influence in insurance, including cyber coverage mandates, did not disclose the nature of the activity.

By Naomi Eide • Oct. 5, 2022

CommonSpirit Health says it experienced ‘IT security incident’ in multiple regions

One of the nation's largest health systems, CommonSpirit operates 140 hospitals and more than 1,500 sites of care across 21 states.

By Samantha Liss • Oct. 4, 2022

Los Angeles schools’ data leaked after ransomware attack

Vice Society posted data it claims to have stolen during the Labor Day weekend attack. The district refused to respond to the threat actor’s ransom demand.

By Matt Kapko • Oct. 3, 2022

State and local governments report spike in ransomware attacks

The public sector is hit less often than other industries, but it contends with more post-attack damage, according to Sophos.

By Matt Kapko • Oct. 3, 2022

Vice Society raises ransomware pressure on Los Angeles school district

The ransomware group, which has hit at least eight school systems this year, threatened to publish stolen data from the district next Monday.

By Matt Kapko • Sept. 30, 2022

State-linked actor targets VMware hypervisors with novel malware

The technique was discovered by Mandiant researchers looking into a campaign designed to avoid EDR detection.

By David Jones • Sept. 29, 2022

US organizations hit by almost half of all ransomware since 2020

American exceptionalism extends to ransomware as organizations based in the U.S. suffered the greatest number of attacks, ahead of Canada and the U.K. 

By Matt Kapko • Sept. 28, 2022

Australia’s telecom giant Optus avoids ransom demand as attacker reverses course

The threat actor ramped up pressure by leaking data on the Australian company’s customers, then quickly backed down for unknown reasons.

By Matt Kapko • Sept. 27, 2022

American Airlines phishing attack involved unauthorized access to Microsoft 365

The airline has begun disclosing additional details to state regulators, confirming more than 1,700 people were impacted.

By David Jones • Sept. 26, 2022

Australia’s second-largest wireless carrier suffers major cyberattack

Optus pinned the blame on a sophisticated threat actor and expressed concern about potential phishing attacks against its customers.

By Matt Kapko • Sept. 23, 2022