Cyberattacks, tech disruption rank as top threats to business growth

Two in five executives view data breaches and leaks as the most financially burdensome man-made threats, a Chubb study found.

By Alexei Alexis • Jan. 10, 2025

US Treasury office sanctions firm connected to state-sponsored Flax Typhoon threat group

A Beijing-based cybersecurity company, Integrity Technology Group Inc., is linked to years of exploitation activity targeting U.S. critical infrastructure.

By David Jones • Jan. 6, 2025

Explore the Trendline➔

Risk Management

Now, public companies have to detail their cybersecurity risk management in annual filings, raising awareness on what many cyber experts already knew — security issues are business issues. 

By Cybersecurity Dive staff

Rhode Island officials warn residents as ransomware group threatens social services data leak

The personal data of hundreds of thousands of vulnerable residents is at risk after a threat group attacked a state social services database.

By David Jones • Dec. 18, 2024

Frontline workforce tech predictions for 2025: A new era of efficiency and security

2025 Predictions: Boosting frontline efficiency with passwordless tech and identity and access management innovations

By Joel Burleson-Davis, SVP Worldwide Engineering, Cyber • Dec. 9, 2024

FBI, CISA warn of heightened risk of BEC attacks during holiday season

Authorities encouraged prompt reporting, which can help recover stolen payments.

By David Jones • Nov. 27, 2024

Countering multidimensional threats: lessons learned from the 2024 election

In 2024, election officials and law enforcement shared intelligence closely to counter complex threats.

Nov. 18, 2024

The company you keep: your most trusted vendor could be your biggest security risk

Your trusted vendor might be your biggest security risk. Learn how to mitigate third-party threats.

By Joel Burleson-Davis, SVP Worldwide Engineering, Cyber, Imprivata • Nov. 11, 2024

AI increases fraud risk, fintechs say

Financial firms monitor for fraud by looking for unusual activity, but an artificial intelligence model can be trained to transact like a real person.

By Patrick Cooley • Nov. 5, 2024

Enterprise executives cite AI-assisted attacks as top emerging risk, Gartner finds

The analyst firm’s survey underscores growing concern about potential, yet unrealized, scenarios involving AI’s potential role in attacks.

By Matt Kapko • Nov. 4, 2024

Iran-linked attackers hit critical infrastructure with brute force

CISA and the FBI warn healthcare, government, IT and other sectors of password spraying and multifactor authentication push bombing.

By Matt Kapko • Oct. 17, 2024

State CISOs up against a growing threat environment with minimal funding, report finds

A report by Deloitte and NASCIO warns that states do not have the resources necessary to fight state-backed and criminal threat groups.

By David Jones • Oct. 2, 2024

Phishing remains cloud intrusion tactic of choice for threat groups

The long-lasting effectiveness and success of phishing campaigns underscores the most central challenge in cybersecurity — people are the weakest link.

By Matt Kapko • Oct. 2, 2024

CISA again raises alarm on hacktivist threat to water utilities

The alert comes just days after an attack against a water treatment facility in Kansas.

By David Jones • Sept. 26, 2024

Data privacy concerns swirl around generative AI adoption

IT and business professionals fear the technology's adoption can lead to data leakage, according to a Deloitte report.

By Roberto Torres • Sept. 25, 2024

Dark web exposure is ‘highly correlated’ with cyberattack risk

Organizations that are mentioned in dark web market listings are more than twice as likely to experience an attack, Marsh McLennan found.

By Alexei Alexis • Sept. 24, 2024

Cybersecurity firm flags attack on construction accounting system

Users of Foundation Software, which serves 43,000 construction pros, may be at risk of intrusion if they still use default credentials, according to cybersecurity firm Huntress.

By Matthew Thibault • Sept. 20, 2024

Port of Seattle official flags a cyber dilemma, ‘one-way street’ with federal agencies

A ransomware atttack disrupted the Seattle-Tacoma International Airport for weeks. Part of the problem, one official said, is that federal cyber recommendations are not timely.

By Matt Kapko • Sept. 19, 2024

Open source maintainers, under security pressure, remain largely unpaid after XZ Utils

A report by Tidelift shows an equity gap remains between open source developers and well-resourced software users who are pushing for higher security standards.

By David Jones • Sept. 17, 2024

Valid accounts remain top access point for critical infrastructure attacks, officials say

CISA attributed 2 in 5 successful intrusions to valid account abuse last year, but that is down from 2022.

By Matt Kapko • Sept. 17, 2024

Keeping data secure in the age of generative AI

Generative AI is reshaping industries, but with innovation comes new data security challenges. Are your cybersecurity practices keeping up?

By Rob Juncker, CTO of Code42, now part of Mimecast • Sept. 16, 2024

Mastercard’s $2.65B Recorded Future acquisition to buttress its security business

While Mastercard has cybersecurity oversight needs for its cards and payments businesses, it also sells security services to other companies, including banks and fintechs. 

By Lynne Marek • Sept. 13, 2024

Cyber insurance keeps growing, as threats spur competition

Concerns remain about aggregation risk as highlighted by the July outage of Microsoft Windows devices, according to a report from Moody’s Ratings.

By David Jones • Sept. 9, 2024

Deepfake scams escalate, hitting more than half of businesses

The vast majority of corporate finance professionals, 85%, now view such scams as an “existential” threat, a Medius study found.

By Alexei Alexis • Sept. 4, 2024

Prolific RansomHub engaged in attack spree, feds warn

The group has been among the most active threat groups of 2024, and is linked to a tool that can neutralize endpoint security.

By David Jones • Sept. 4, 2024

Microsoft is training developers on the intricacies of threat intelligence

Cybercrime wonk Sherrod DeGrippo is taking Microsoft’s software developers and engineers on a journey into her world, the depths of threat intelligence.

By Matt Kapko • Sept. 4, 2024