Microsoft warns of new credential-stealing backdoor from SolarWinds threat actor

The newly identified malware, called FoggyWeb, has been observed since April and is used to steal from compromised AD FS servers. 

By David Jones • Sept. 28, 2021

Ransomware compromises customer data in farm co-op attack

A Minnesota-based co-op became the second agricultural firm in recent days to be the target of ransomware, just weeks after the FBI and CISA warned of a wider threat to the industry.

By David Jones • Updated Sept. 24, 2021

Explore the Trendline➔

Risk Management

Now, public companies have to detail their cybersecurity risk management in annual filings, raising awareness on what many cyber experts already knew — security issues are business issues. 

By Cybersecurity Dive staff

After 400 attacks, feds warn of Conti ransomware

Nearly a year after U.S. security agencies warned the healthcare sector about Ryuk, the same threat actors are reemerging as a risk to businesses.

By Samantha Schwartz • Sept. 23, 2021

Enterprises plan major investments as remote work escalates security risk: report

Companies face significant challenges in managing security as the work-from-home model moves from an emergency stopgap to a more permanent environment. 

By David Jones • Sept. 22, 2021

Treasury sanctions crypto exchange Suex in push to thwart ransomware

While more legal measures await international cybercrime, the government is sending interim messages to ransomware gangs.

By Samantha Schwartz • Sept. 22, 2021

Fortinet credential drop linked to fissure in ransomware group

Researchers linked a new ransomware syndicate called Groove to the Fortinet VPN credential dump, following a rift involving affiliates of Babuk.

By David Jones • Sept. 10, 2021

Ransomware capitalizes on holiday weekends. Feds urge vigilance over Labor Day

The FBI and CISA implored companies and agencies to backup data and use proactive threat-hunting measures to mitigate any potential attacks. 

By David Jones • Sept. 1, 2021

What's at stake in a credential stuffing attack

Attackers gain a network foothold by using stolen credentials under the guise of an authenticated trusted employee or third party.

By Sue Poremba • Sept. 1, 2021

Time to be less dramatic about ransomware

Security is an aspect of normal operations. Proactive, broad measures can mitigate the risk of whatever threat is currently present or yet to come.

By Patricia Muoio • Aug. 31, 2021

Facility management worried about OT cybersecurity, but few plan to fix it

Seven in 10 managers are concerned about having adequate levels of cybersecurity, but only one-third are planning new investments, Honeywell found.

By David Jones • Aug. 27, 2021

More threats target Linux, a foundation for the cloud, report finds

As enterprises embrace cloud, malicious actors are finding sophisticated methods to threaten users for computing power and data theft. 

By David Jones • Aug. 25, 2021

Insider risk surges as resignations mount

Millions of U.S. workers are walking away from existing jobs, increasing the risk to corporate data and, in many cases, source code.

By David Jones • Aug. 13, 2021

Is XDR the next best security solution?

SOCs are still learning about extended detection and response and how to apply it to an existing security stack. But when properly deployed, it's an asset for incident response.

By Samantha Schwartz • Aug. 11, 2021

APT actors target Microsoft 365 using novel techniques

Nation states are combining old techniques with newer methods to establish persistence and steal valuable data from organizations. 

By David Jones • Aug. 6, 2021

Initial access brokers sell a way in, widening the ransomware market

The most popular network access points sold on the dark web offer insight for security teams to better understand what is most vulnerable to ransomware.

By Samantha Schwartz • Aug. 2, 2021

OT cyberattacks could threaten human safety by 2025: Gartner

Critical infrastructure facilities are struggling to contain sophisticated malware and ransomware threats, Gartner research shows.

By David Jones • July 26, 2021

Why cybersecurity keeps payments executives up at night

Payments are a critical part of the nation's infrastructure, so executives in the industry are under pressure to understand the evolving threat landscape.

By Mercedes Cardona • July 21, 2021

Ransomware defenses fail to prevent attack: report

While 54% of organizations conduct anti-phishing training, 24% of ransomware attacks used phishing as the point of entry, a Cloudian survey found.

By Katie Malone • July 20, 2021

REvil vanished from the internet. But ransomware attackers never fully disappear

The hacking group's absence left echoes of high-profile ransomware attacks in its wake. But few think the group is gone for good. Consider this a brief respite.

By Naomi Eide • July 19, 2021

Cloud targeted in widespread brute force campaign

The defense, logistics and energy sectors are among the various entities under threat by the campaign, which targets organizations using Microsoft Office 365.

By David Jones • July 2, 2021

Cobalt Strike rising in prominence among criminal threat actors

The penetration testing tool became a favored weapon in high-profile campaigns, including SolarWinds and the recent Nobelium email attacks.

By David Jones • July 1, 2021

Spoofing, spear phishing dominate BEC attacks: report

Threat actors are targeting the C-suite and corporate finance departments with the goal of stealing credentials or unleashing malicious payloads. 

By David Jones • June 29, 2021

Microsoft customer service agent briefly hit by fresh Nobelium attacks

The threat actor behind the SolarWinds attacks used brute force and password spraying in a new round of attacks, mainly targeting IT and government agencies.

By David Jones • June 28, 2021

How colleges can be proactive about the ransomware threat

Increased online activity during the pandemic intensified the impact of cyberattacks on higher ed, one expert explains.

By Hallie Busta • June 22, 2021

Biden confronts Putin on cyberattacks, private sector optimistic

The U.S. president drew a line with the Russian leader on critical infrastructure as the countries plan to cooperate on reducing malign activity.

By David Jones • June 17, 2021