Threats: Page 19
-
Getty
Cyber defense panel sees more private sector coordination following SolarWinds
Defense and intelligence experts say federal agencies need to strengthen private sector support, intelligence sharing to prevent the next big nation-state attack.
By David Jones • Jan. 20, 2021 -
Kendall, Industry Dive
Malwarebytes attack linked to SolarWinds' nation-state actors, CEO says
Microsoft notified the cybersecurity firm of a compromise involving Office 365 and Azure consistent with prior nation-state attacks.
By David Jones • Jan. 20, 2021 -
Explore the Trendline➔
.shock via Getty Images
TrendlineRisk Management
An esclation of cyber risks facing businesses and government has made cyber resilience a major priority.
By Cybersecurity Dive staff -
Fotolia
Financial services companies embrace cloud as security concerns grow
Equifax CISO and a study from Nutanix address how investing in cloud security helps to protect sensitive financial data.
By David Jones • Jan. 15, 2021 -
Mimecast attributes supply chain attack to SolarWinds' hackers
The global email security provider was hit by a malicious attack that compromised a certificate used to authenticate some Microsoft 365 products.
By David Jones • Updated Jan. 26, 2021 -
Samoilov, Yuri, yuri.samoilov.online/. (2014). "System Lock" [Photograph]. Retrieved from Flickr.
Hackers accessed cloud services using phishing, 'pass-the-cookie' attacks, CISA says
In one case, the agency found threat actors accessed a user's account "with proper multi-factor authentication," circumventing the favored security method.
By Samantha Schwartz • Jan. 14, 2021 -
Attackers used password spraying, guessing in SolarWinds hack
As experts investigate the damage, the latest CISA update points to a constant in cybersecurity: weak passwords.
By Samantha Schwartz • Jan. 11, 2021 -
Brian Tucker/Cybersecurity Dive
With cyber bureau, State Department brings diplomacy to threat landscape
CISOs and security experts see the federal bureau as a potential bridge to help align the government and private sector as nation-states pose increased threats.
By David Jones • Updated Jan. 11, 2021 -
thanyakij, bongkarn. (2019). Retrieved from Pexels.
Poor software quality cost businesses $2 trillion last year and put security at risk
The COVID-19 pandemic played a role in the rise of operational software failure, said the Consortium for Information & Software Quality.
By Roberto Torres • Jan. 11, 2021 -
Fast-growing gaming industry faces rising threat of account compromise
A report from KELA shows one million compromised accounts and thousands of leaked employee credentials in underground markets.
By David Jones • Jan. 5, 2021 -
sestovic via Getty Images
Defending the unknown: Companies may not be getting the full story on cyberthreats
Because of the way some data is presented, there is no way to know what vital information might be missing.
By Sue Poremba • Jan. 4, 2021 -
Getty Images
How one hospital is defending against ransomware
By the time the Ryuk ransomware alert was issued, Rush Memorial Hospital had at least two risk mitigation measures: improved backup as a service and a systems engineer with an evasion plan.
By Samantha Schwartz • Dec. 22, 2020 -
Tracking SolarWinds cyberattack fallout, play-by-play
As more companies are discovering impact from the SolarWinds hack, attention is turning toward far-reaching supply chain vulnerabilities.
By Samantha Schwartz , David Jones , Naomi Eide , Katie Malone • Updated Jan. 4, 2021 -
CISA warns of more backdoors beyond SolarWinds Orion
The extent of compromised data is not disclosed. What is clear? Threat actors relied on the supply chain for widespread access.
By Samantha Schwartz • Dec. 17, 2020 -
Kendall Davis for CIO Dive
Microsoft to begin blocking binaries linked to SolarWinds cyberattack
Microsoft Defender Antivirus will quarantine the trojan before it can begin processing, though the company said "it may not be simple to remove the product from service."
By Samantha Schwartz • Dec. 16, 2020 -
IT execs face growing pressure to balance security with productivity
Companies are caught between competing interests as remote workers offset digital security needs with work-life balance.
By David Jones • Dec. 14, 2020 -
valentinrussanov via Getty Images
Federal agencies warn of heightened cyberthreats against K-12 schools
Cyberattackers are trying to steal data and disrupt remote learning as COVID-19 continues to impact schools, the FBI, CISA and MS-ISAC said.
By David Jones • Dec. 11, 2020 -
sestovic via Getty Images
NSA calls out Russia-backed exploit of VMware virtual workspace platform
Network administrators in defense and national security were warned to patch systems where bad actors can gain access to data.
By David Jones • Dec. 8, 2020 -
State of K-12 cybersecurity, from traditional IT to classroom lessons
Panelists at the annual ed tech conference last week told educators about the importance of cybersecurity practices as schools are targeted for disruptions and unauthorized disclosures.
By Roger Riddell • Dec. 7, 2020 -
Stock Photo via Getty Images
Why some industries are more secure than others
Threats go beyond industry and target organizations depending on business size. Company size is a factor, but so is investment in cyber defense.
By Sue Poremba • Dec. 7, 2020 -
Kmart's reported ransomware attack highlights ongoing threat to retail
Egregor is emerging as growing cyberthreat as the pandemic shifts holiday shopping even further toward e-commerce.
By David Jones • Dec. 4, 2020 -
Getty
NERC expands IT-focused cybersecurity program as hackers target grid operations tech
Previously focused on utility operations IT, the Cybersecurity Risk Information Sharing Program will now include two pilots scanning for threats to operational technologies.
By Robert Walton • Dec. 4, 2020 -
Getty
Trickbot evolves, adding firmware-level threat to its repertoire, report says
The biggest implication of the discovery focuses on resiliency planning for enterprises, with the risk of mass destruction, researchers found.
By Samantha Schwartz • Dec. 3, 2020 -
Traitov/iStock/Getty via Getty Images
Persistent cyberthreat groups target US think tanks, CISA says
Advanced persistent threat groups, including Cozy Bear, have a history victimizing research and policy institutes.
By Samantha Schwartz • Dec. 2, 2020 -
Supreme Court decision on computer fraud law hinges on one word — 'so'
The U.S. Supreme Court held the Computer Fraud and Abuse Act does not cover incidents which individuals with authorized access to a computer system abuse access privileges.
By Samantha Schwartz • Updated June 3, 2021 -
A cyber stakeholder's guide to Van Buren vs. US
The Supreme Court could determine what constitutes the limits of authorized computer access under the Computer Fraud and Abuse Act. Should this issue be left for Congress?
By Samantha Schwartz • Nov. 30, 2020
Previous
