Mandiant red team breaches OT servers to mimic crime group techniques

Researchers are not aware of financially motivated actors using these techniques in the wild.

By David Jones • July 27, 2022

New ransomware discovered using Rust, atypical encryption

Luna’s use of platform-agnostic code allows threat actors to initiate attacks on different operating systems concurrently.

By Matt Kapko • July 20, 2022

Explore the Trendline➔

Risk Management

Now, public companies have to detail their cybersecurity risk management in annual filings, raising awareness on what many cyber experts already knew — security issues are business issues. 

By Cybersecurity Dive staff

LockBit ransomware hitting network servers

The latest tactic used to deploy the prolific malware allows threat actors to end processes, stop services and duplicate more quickly.

By Matt Kapko • July 20, 2022

State-backed threat actors use Google Drive, Dropbox to launch attacks

The Russia-linked threat actor behind the SolarWinds attack used cloud storage services to deploy malicious payloads using Cobalt Strike. 

By David Jones • July 19, 2022

US effort to rip and replace hardware made in China is ballooning in cost

A yearslong push to remove telecom equipment deemed a national security threat continues to vex regulators.

By Matt Kapko • July 18, 2022

CISA releases indicators of compromise for hard-hit VMware Horizon

Federal authorities warn a more complex form of malware is providing advanced persistent threat actors with vast command and control capabilities.

By Matt Kapko • July 18, 2022

Cyber insurers split on what’s most important in a security posture assessment

To keep up with demand, cyber insurers acknowledge the need to rethink the underwriting process, research from Panaseer shows.

By Naomi Eide • July 15, 2022

Threat actors favor brute force attacks to hit cloud services

Google Cloud warned that organizations face their greatest threat due to weak passwords and vulnerable software.

By Matt Kapko • July 12, 2022

How CISOs can prepare for new and unpredictable cyberthreats

CISOs often ask, “How do I avoid being hit by the next major cyberattack?” The problem is, that’s the wrong question.  

By Jeremy D’Hoinne • July 11, 2022

What to watch with 5G network security

For wireless network carriers, 5G is a model of what’s next. But it also introduces features and services that dramatically expand the threat surface.

By Matt Kapko • July 8, 2022

Hive ransomware group migrates code to Rust, accelerating data encryption

Microsoft warns the newly discovered variant of one of the most prevalent ransomware payloads can process large amounts of data more quickly.

By Matt Kapko • July 6, 2022

Threat actors capitalize on red team tool capable of bypassing EDR, antivirus

A malware sample uploaded to VirusTotal contained a malicious payload Brute Ratel C4. Upon evaluation, 56 vendors gave it a clean bill of health.

By David Jones • July 6, 2022

Google TAG exposes hack-for-hire groups targeting activists and sensitive data

The organizations have operated in regions across the globe, with some openly advertising their services.

By David Jones • July 5, 2022

Federal authorities warn MedusaLocker ransomware targeting remote desktop vulnerabilities

The ransomware as a service group began targeting healthcare and other industries in 2019. In recent months, activity has surged once again.

By David Jones • July 1, 2022

Cash-strapped Main Street organizations face global cyberthreats

A House subcommittee hearing in Michigan helped show the persistent risks faced by local schools, government agencies and Main Street businesses.

By David Jones • June 29, 2022

Is your remote IT job candidate legit?

Organizations are seeing a rise in deepfakes and stolen identities during the job application process, the FBI said.

By Naomi Eide • June 29, 2022

Ransomware groups shift tactics and objectives

Malware can play a major or nonexistent role in ransomware attacks. Threat actors are often only in it for the money.

By Matt Kapko • June 15, 2022

5 takeaways from the RSA Conference

The event tried to pick up where it left off 28 months ago. Can defenders keep up with the accelerated pace and scale of the cyber threat?

By Matt Kapko • June 13, 2022

America's cyber chiefs have a long to-do list

The federal government wants to lead by example and communicate the urgency of the moment. First, it needs to get its security affairs in order. 

By Matt Kapko • June 9, 2022

Threat hunters minimize Russia's cyber prowess

U.S. organizations have a lot to learn from Ukrainian cyber defenders’ sophisticated resiliency during hostile conditions.

By Matt Kapko • June 9, 2022

Food supplier cyber risk spreads 1 year after JBS attack

Ransomware attacks target common vulnerabilities like legacy OT systems and equipment that lacks modern security tools.

By Matt Kapko • June 2, 2022

Russia, backed by ransomware gangs, actively targeting US, FBI director says

The FBI is laser focused on preventing a destructive attack, FBI Director Christopher Wray said. The agency previously, helped to disrupt a 2021 Iran-backed attack on Boston Children’s Hospital. 

By David Jones • June 2, 2022

Conti ransomware gang grows brash and flames out. What's next?

The group's reported demise is likely a diversion. Members of the group still pose a significant ransom and data extortion threat to enterprises.

By Matt Kapko • May 31, 2022

Persistent vulnerabilities put VMware on the defense

Recent flaws earned the company CISA's 10th emergency directive, the latest in a series of potential high-impact flaws for enterprise users.

By Matt Kapko • May 27, 2022

Cybersecurity threat extends to utility credit ratings: Fitch

Electric utilities, up against growing cyberthreats and poor security practices, "could result in negative rating actions," Fitch Ratings said.

By Robert Walton • May 26, 2022