Cyberattacks: Page 29
-
Cybersecurity spending is up but so are breaches
Healthcare, media, entertainment and gaming experienced the greatest growth in breaches last year, coinciding with a "big shift" toward digital transformation, Canalys found.
By Samantha Schwartz • March 30, 2021 -
Security leaders: Expect more insider data leaks, threats in 2021
The rise stems from a lack of accurate insight from data loss prevention and cloud access security broker technologies.
By David Jones • March 29, 2021 -
Explore the Trendline➔
BNMK0819 via Getty Images
TrendlineTop 5 stories from Cybersecurity Dive
A wave of rules, regulations and federal action is putting pressure on businesses to shore up security amid a backdrop of emboldened threat actors has a nice ring to it.
By Cybersecurity Dive staff -
Rangel, David. [photograph]. Retrieved from https://unsplash.com/photos/4m7gmLNr3M0.
Babuk ransomware group emerges with new claims against US companies
The threat actor emerges amid heightened ransomware concerns following the Microsoft Exchange server attacks.
By David Jones • March 26, 2021 -
Remote work gives rise to more executive credential theft
Threat actors are increasingly using social engineering to cultivate vulnerable end users and compromise networks, according to a CyberArk report.
By David Jones • March 25, 2021 -
Stock Photo via Getty Images
Threat data sharing considered critical to defense amid rise in sophisticated attacks: report
A Ponemon Institute study shows the value of actionable data as lawmakers and the Biden administration work to encourage intelligence sharing.
By David Jones • March 24, 2021 -
SolarWinds threat actors accessing Microsoft 365 by altering permissions
Mandiant observed a threat actor linked to the SolarWinds campaign using a stealthy approach to read email in targeted mailboxes.
By David Jones • March 22, 2021 -
sestovic via Getty Images
Microsoft Exchange fixes arrive, but some companies lack IT resources to repair
Security specialists and managed-service providers are filling the void at thousands of small firms that operate with limited IT and cybersecurity staffing.
By David Jones • March 19, 2021 -
Long-term SolarWinds consequences
SolarWinds compromise leaves Senate questioning agency cyber defenses
Existing cyber defense programs fell short in detecting and defending U.S. agencies, a shortcoming that exacerbated SolarWinds fallout.
By Samantha Schwartz • March 19, 2021 -
Mimecast migrates to Cisco following supply chain attack
A forensic investigation with FireEye's Mandiant unit confirmed the SolarWinds threat actor did not modify Mimecast's source code.
By David Jones • March 17, 2021 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by ismagilov via Getty Images
Long-term SolarWinds consequencesSolarWinds rethinks software builds, weeds out code disparities
An attacker would have to compromise two different environments to achieve the same attack on the same code if a company has reproducibility.
By Samantha Schwartz • March 17, 2021 -
Ransomware targeting Microsoft Exchange echoes WannaCry — with a human element
This isn't the first time nation-state exploit kits were released and other bad actors took advantage.
By Samantha Schwartz • March 16, 2021 -
Getty Images
White House looks to tighten private sector coordination, gain infrastructure insight
Following the Microsoft Exchange and SolarWinds attacks, the Biden administration is taking steps to close visibility gaps and encourage rapid intelligence sharing by private sector companies.
By David Jones • March 15, 2021 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by ismagilov via Getty Images
Long-term SolarWinds consequences
Post-SolarWinds, IT departments increase vendor scrutiny
It's still too soon to know the hack's full impact on IT, but so far, security experts report changing relationships with third-party vendors.
By Katie Malone • March 15, 2021 -
Microsoft deploys more updates to contain Exchange server fallout
The FBI and CISA are warning of additional threats from nation states and threat actors as patching and security updates leave many vulnerable companies exposed.
By David Jones • March 12, 2021 -
DearCry ransomware latching onto Exchange hack, Microsoft says
Patching is the only answer — for now.
By Samantha Schwartz • March 12, 2021 -
Kendall Davis for CIO Dive
Enterprises scramble to secure Microsoft Exchange as cybercriminals rush in
Researchers fear, more than two months after the threat was discovered, criminal hackers have had plenty of time to loot data or plant undetected seeds of compromise.
By David Jones • March 10, 2021 -
Getty Images
55% of healthcare breaches feature ransomware: report
The healthcare industry is a favored target by cybercriminals: Hospitals cannot tolerate downtime or put off emergency patient care.
By Samantha Schwartz • March 10, 2021 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by ismagilov via Getty Images
63% of security professionals, execs concerned with SolarWinds hack, survey finds
Before companies overhaul the typical process for building and securing software, SOCs have to figure out if they were a collateral victim of a supply chain hack.
By Samantha Schwartz • March 9, 2021 -
Microsoft Exchange server compromise escalates as mitigation efforts fall short
Officials warn that patching may not fix compromised systems, while tens of thousands of customers are potentially at risk.
By David Jones • March 8, 2021 -
Getty
3 new malware strains show persistence, sophistication of SolarWinds actor
The malware strains, identified by Microsoft, were used in targeted, late-stage attacks to compromise a select number of companies last year.
By David Jones • March 5, 2021 -
Qualys confirms data breach related to Accellion after documents leak
The cloud security firm retained FireEye and insists the breach had no impact on production environments or its code base.
By David Jones • March 4, 2021 -
Traitov/iStock/Getty via Getty Images
Malicious email campaigns target business platforms following remote work surge
Phishing attacks are more becoming targeted, less frequent and use PII to harvest credentials.
By David Jones • March 4, 2021 -
4 questions to ask after discovering a cyberattack
Identifying signs of an ongoing attack or backdoor deployment is nearly impossible for digital laggards.
By Samantha Schwartz • March 4, 2021 -
UHS
UHS estimates Ryuk ransomware damage cost at $67M
Coding and billing functions were delayed into December, impacting the operating cash flows in Q4, the healthcare organization said.
By Samantha Schwartz • March 2, 2021 -
Google Cloud enters cyber insurance collaboration with Allianz, Munich Re
The agreement comes amid increased financial pressure on the cyber insurance industry due to a rise in ransomware and the historic nation-state attack against SolarWinds.
By David Jones • March 2, 2021
Previous
