Enterprises rarely follow advice to never pay ransoms

Ransomware foists a difficult choice on executives and very few leave business operations in limbo to test a best practice.

By Matt Kapko • May 16, 2022

Emotet reemerges as top malware in circulation

The botnet’s activity surged 2,823% between Q4 2021 and Q1 2022, displaying a more recent shift in targets, HP Wolf Security analysts said.

By Matt Kapko • May 12, 2022

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

US, allies blame Russia for Viasat cyberattack

The Five Eyes and other EU authorities linked Russia to a series of web defacement, DDoS and destructive wiper attacks in the weeks leading up to the Ukraine invasion.

By David Jones • May 11, 2022

SEO-savvy threat actors drive surge in malware downloads

Cybercriminals flooded Google and Bing with malicious PDF files that contain commonly searched keywords, resulting in a 450% annualized increase in phishing downloads.

By Matt Kapko • May 10, 2022

Threat actor launches email attacks to lift corporate M&A secrets, Mandiant says

The suspected threat actor, UNC3524, lurks in victim environments for at least 18 months.

By Matt Kapko • May 5, 2022

Ukraine cyberthreat activity ramps up against critical infrastructure, governments

Researchers say state-linked and criminal activity has risen in recent weeks.

By David Jones • May 4, 2022

Familiar names top 2021's most-exploited vulnerabilities list

Top ransomware operators, including Hive and Conti, are exploiting flawed systems to launch new attacks, researchers warn.

By David Jones • May 2, 2022

Ransomware attacks, payouts soared worldwide in 2021: report

More organizations are paying ransoms as attacks grow in sophistication.

By David Jones • April 27, 2022

Emotet botnet tests new techniques after global crackdown

The once prolific botnet, returning from "spring break," is preparing a new high-volume campaign, Proofpoint researchers said. 

By David Jones • April 26, 2022

HHS warns providers of 'exceptionally aggressive' ransomware group

The Hive group practices double extortion — demanding payment to free data it has encrypted while also threatening to release the unencrypted data publicly.

By Shannon Muchmore • April 25, 2022

Cyber agencies renew warnings of Russia-linked threats against industrial targets

Separately, the U.S. is expanding the Joint Cyber Defense Collaborative to include experts on industrial control systems.

By David Jones • April 21, 2022

Threat detection accelerates in Asia, Europe, as notification trends shift

Median dwell time fell as organizations boosted cybersecurity defenses, shared threat intelligence.

By David Jones • April 19, 2022

Authorities warn dangerous new malware can shut down, sabotage industrial sites

The malware initially targeted Schneider Electric and Omron controllers.

By David Jones • April 14, 2022

Microsoft intercepts Zloader botnet, a distributor for Ryuk ransomware

Ryuk was behind major attacks on healthcare, while the botnet focused on credentials and financial theft.

By David Jones • April 14, 2022

Microsoft blocks Russian cyberattacks linked to Ukraine war

Strontium, a GRU-linked threat actor, targeted Ukraine media, foreign policy think tanks and government agencies in the U.S. and Europe.

By David Jones • April 8, 2022

DOJ disrupts Russia-backed Cyclops Blink botnet

The court-ordered operation is the latest effort to stop malicious cyber activity following the Russian invasion of Ukraine.

By David Jones • April 7, 2022

Federal authorities urged to bolster intel sharing amid nation-state threats

Current Russian cyber activity has been limited, but experts warn the threat may increase on short notice.

By David Jones • April 6, 2022

State Department launches cyber bureau amid rising global tensions

The long anticipated bureau aims to weave diplomacy into the global effort to combat ransomware and rogue nation-state activity.

By David Jones • April 5, 2022

Viasat network cyberattack linked to newly discovered Russian wiper

SentinelOne researchers said the malware, dubbed AcidRain, is behind the February attack on the satellite communications provider

By David Jones • April 1, 2022

Cyber extortion surges 78% as 'ransomware as a service' spreads

Most companies require at least a month to recover from a ransomware attack, Palo Alto Networks found.

By Jim Tyson • March 29, 2022

Nation-state threat actors remain steps ahead of defenders

IT security leaders reveal significant gaps in their ability to identify and mitigate sophisticated attacks. 

By David Jones • March 28, 2022

White House warns US of possible Russian cyberattack linked to Ukraine invasion

The broad warnings come after federal authorities convened more than 100 critical infrastructure organizations to share classified cyberthreat information.

By David Jones • March 21, 2022

Payments industry makes a tempting target for hackers

The industry should remain on high alert, though Russia's war on Ukraine has not caused a major uptick in cyberattacks. 

By Jonathan Berr , Caitlin Mullen , Lynne Marek • March 21, 2022

Telecoms are essential to everyone's cybersecurity challenges

Communications systems are accessible almost anywhere, at any time by both friend and foe alike.

By Jason Atwell • March 21, 2022

Cyberthreats grow as US, NATO countries press Russia sanctions

The FBI and CISA warned of potential new threats against satellite communications providers.

By David Jones • March 18, 2022