Cyberattacks: Page 7
-
Jeenah Moon via Getty Images
Microsoft Exchange state-linked hack entirely preventable, cyber review board finds
The technology giant’s corporate culture fell short on security investments and risk management, and needs significant reforms, according to a damning report by the U.S. Cyber Safety Review Board.
By David Jones • April 3, 2024 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA asserts no data stolen during Ivanti-linked attack on the agency
Threat actors gained access to and potentially compromised two CISA systems weeks after the agency applied Ivanti’s initial mitigation measures.
By Matt Kapko • April 2, 2024 -
Explore the Trendline➔
BNMK0819 via Getty Images
TrendlineTop 5 stories from Cybersecurity Dive
A wave of rules, regulations and federal action is putting pressure on businesses to shore up security amid a backdrop of emboldened threat actors has a nice ring to it.
By Cybersecurity Dive staff -
iStock / Getty Images Plus via Getty Images
Hospital groups question HHS about data breach reporting after Change Healthcare attack
In a Thursday letter, the American Hospital Association urged the HHS’ Office of Civil Rights to reduce “duplicative” breach notifications from the cyberattack.
By Susanna Vogel • March 25, 2024 -
Sponsored by Palo Alto Networks
From silos to synergy: how IT-OT integration strengthens industrial cybersecurity
Disconnects between IT and OT teams hinder stronger cybersecurity; it’s time to flip the script. IT and OT teams hinder stronger cybersecurity; it’s time to flip the script.
By Qiang Huang, Vice President of product management, cloud delivered security services of Palo Alto Networks • March 25, 2024 -
Getty Plus via Getty Images
Threat groups hit enterprise software, network infrastructure hard in 2023
Recorded Future observed an approximately threefold increase in actively exploited high-risk vulnerabilities in enterprise software and network infrastructure, such as VPNs.
By Matt Kapko • March 22, 2024 -
Retrieved from Jen Easterly/CISA.
Novel variant of wiper linked to Viasat attack during Ukraine war raises new fears
Researchers at SentinelLabs warn the new variant, called AcidPour, could place IoT, networking devices at risk.
By David Jones • March 22, 2024 -
Ruben Sprich/Reuters
Change Healthcare’s drawn-out recovery catches flak from cyber experts
At least 100 services remain offline four weeks after the UnitedHealth Group detected an intrusion in its medical claims clearinghouse. Experts say the impacts are unprecedented.
By Matt Kapko • March 21, 2024 -
mohd izzuan via Getty Images
Change Healthcare cyberattack could damage credit at small providers: Fitch
Smaller companies may already have worse credit ratings and could struggle with cash flow disruptions caused by the outage.
By Emily Olsen • March 21, 2024 -
NicoElNino via Getty Images
Five Eyes implores critical infrastructure execs to take China-linked threats seriously
Officials are pushing tips to help potential victims detect and mitigate Volt Typhoon’s evasive techniques as the was warnings take on urgency.
By Matt Kapko • March 20, 2024 -
Kevin Dietsch via Getty Images
More warnings emerge about state-linked cyber threats to water infrastructure
The White House and EPA set an urgent virtual meeting with state homeland security and other top officials, citing efforts to boost the resiliency of drinking and wastewater treatment systems.
By David Jones • March 20, 2024 -
Photo illustration: Industry Dive; US Securities and Exchange Commission
How companies describe cyber incidents in SEC filings
The words businesses use in cybersecurity disclosures matter. They can channel confidence in the recovery process, potential impacts and legal liabilities.
By Matt Kapko • March 19, 2024 -
Andrew Brookes
Audit committees rank cybersecurity as top priority amid SEC crackdown
Cyberattacks are just one of several rapidly changing threats confronting audit committees, according to the Center for Audit Quality and Deloitte.
By Jim Tyson • March 14, 2024 -
Courtesy of Change Healthcare
Change Healthcare locates ransomware attack vector
Though the UnitedHealth Group subsidiary’s recovery efforts are ongoing, a forensic analysis identified a safe system restoration point.
By Matt Kapko • March 14, 2024 -
Alex Wong via Getty Images
HHS opens investigation into Change Healthcare cyberattack
The Office for Civil Rights will focus on whether protected health information was breached and if UnitedHealth complied with privacy and security requirements.
By Emily Olsen • March 14, 2024 -
TriggerPhoto via Getty Images
White House meets with UnitedHealth, industry groups on Change Healthcare cyberattack fallout
Officials called on payers to cut red tape and offer financial support to providers, including advanced payments.
By Emily Olsen • March 13, 2024 -
Nick van Bree via Getty Images
Ransomware festers as a top security challenge, US intel leaders say
U.S. intelligence leaders warn ransomware activity is growing, despite high profile efforts to seize threat actors’ infrastructure.
By Matt Kapko • March 12, 2024 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA attacked in Ivanti vulnerabilities exploit rush
The nation’s cyber defense agency was hit “about a month ago” by widely exploited vulnerabilities in the popular remote access VPN product.
By Matt Kapko • March 11, 2024 -
iStock / Getty Images Plus via Getty Images
Ransomware attacks are hitting critical infrastructure more often, FBI says
The agency received more reports of ransomware last year, but officials remain troubled by the amount of attacks that go unreported.
By Matt Kapko • March 11, 2024 -
Jeenah Moon via Getty Images
Microsoft’s security woes persist as Midnight Blizzard remains on the offensive
The Russia state-sponsored threat actor is using secrets it stole from Microsoft’s systems to gain or attempt to gain further access to the company’s IT infrastructure.
By Matt Kapko • March 8, 2024 -
Schweikert, John. (2022). [Photograph]. Retrieved from U.S. Courts.
Change Healthcare faces potential class action as lawsuits rack up
At least six federal lawsuits seeking class-action status were filed since the cyberattack, alleging the technology firm didn’t have reasonable cybersecurity measures.
By Emily Olsen • March 8, 2024 -
Courtesy of UnitedHealth Group
Change Healthcare says its largest claims clearinghouses are coming back online
The technology firm said more than $14 billion in claims were prepared for processing and will start flowing soon.
By Emily Olsen • Updated March 25, 2024 -
erdikocak via Getty Images
CMS rolls out provider flexibilities amid fallout from Change cyberattack
Provider groups said the government should go further to financially bolster providers during the outage at Change Healthcare.
By Emily Olsen • March 5, 2024 -
TU IS via Getty Images
Amex cardholder data exposed in merchant processor hack
The point-of-sale attack on a merchant processor may have compromised card numbers, expiration dates and cardholder names, Amex said in a state regulatory filing.
By Caitlin Mullen • March 5, 2024 -
Courtesy of UnitedHealth Group
Change Healthcare cyberattack having ‘far-reaching’ effects on providers
Providers said the outage at the UnitedHealth-owned technology company has affected billing, eligibility checks, prior authorization requests and prescription fulfillment.
By Emily Olsen , Susanna Vogel • March 5, 2024 -
George Frey / Getty Images Plus via Getty Images
AlphV’s hit on Change Healthcare strikes a sour note for defenders
The ransomware group didn’t just regroup quickly after a law enforcement takedown. It carried out the worst attack on U.S. infrastructure to date, according to experts.
By Matt Kapko • March 4, 2024
Previous
