Threats: Page 2
-
WhataWin via Getty Images
Ivanti Connect Secure hackers hide in plain sight, evading protections
Mandiant researchers estimate thousands of devices have been exploited, and are urging users to check their systems with a newly updated tool.
By David Jones • Updated March 1, 2024 -
Matt Kapko/Cybersecurity Dive
Cloud intrusions spiked 75% in 2023, CrowdStrike says
Threat actors are targeting organizations’ inconsistent cloud security systems to intrude networks and maintain persistence.
By Matt Kapko • Feb. 23, 2024 -
Explore the Trendline➔
ar-chi via Getty Images
TrendlineRisk Management
Now, public companies have to detail their cybersecurity risk management in annual filings, raising awareness on what many cyber experts already knew — security issues are business issues.
By Cybersecurity Dive staff -
Barks_japan via Getty Images
FBI-led operation disrupts botnet controlled by state-linked Forest Blizzard
Russia’s GRU-backed group exploited hundreds of vulnerable routers to conduct spear phishing and credential harvesting attacks against U.S. targets.
By David Jones • Feb. 16, 2024 -
Justin Sullivan via Getty Images
OpenAI, Microsoft warn of state-linked actors’ AI use
Threat groups linked to Russia, China, North Korea and Iran were using AI in preparation for potential early stage hacking campaigns.
By David Jones • Feb. 15, 2024 -
Permission granted by Information Technology Industry Council
National cyber director urges private sector collaboration to counter nation-state cyber threat
Harry Coker said the Biden administration is exploring plans to hold manufacturers accountable for poor security, while also working to harmonize regulations.
By David Jones • Feb. 9, 2024 -
Kevin Dietsch via Getty Images
CISA, FBI confirm critical infrastructure intrusions by China-linked hackers
Federal agencies urged critical infrastructure providers and tech manufacturers to take immediate action to protect against malicious threat activity from Volt Typhoon.
By David Jones • Feb. 7, 2024 -
Zephyr18 via Getty Images
Mortgage industry attack spree punctuates common errors
Attacks against Mr. Cooper Group, Fidelity National Financial, First American Financial and loanDepot impacted operations and put customers in a bind.
By Matt Kapko • Feb. 6, 2024 -
"Schneider Electric Torgauer Straße auf dem EUREF-Campus Berlin-Schöneberg" by Igor Calzone1 is licensed under CC BY-SA 4.0
Schneider Electric restores sustainability operations after attack
The energy management company is still investigating the ransomware attack, which led to the theft of data.
By David Jones • Feb. 6, 2024 -
onurdongel via Getty Images
China-linked hackers primed to attack US critical infrastructure, FBI director says
Christopher Wray and other top cybersecurity officials warned state-linked hackers are prepositioning for catastrophic attacks to distract from a potential military action.
By David Jones • Feb. 1, 2024 -
Naomi Eide/Cybersecurity Dive
What’s ahead for cybersecurity in 2024
A steady stream of threats and new regulations have executives tiptoeing around how to best detail security incidents.
By Naomi Eide • Jan. 31, 2024 -
Win McNamee via Getty Images
In 2024, the cybersecurity industry awaits more regulation — and enforcement
Private sector companies and critical infrastructure providers will face unprecedented demands for product security, intelligence sharing and transparency on data security.
By David Jones • Jan. 31, 2024 -
AnnaStills via Getty Images
AI-generated code leads to security issues for most businesses: report
More than three-quarters of developers bypass established protocols to use code completion tools despite potential risks, Snyk’s research found.
By Lindsey Wilkinson • Jan. 30, 2024 -
BrianAJackson via Getty Images
AI, fake CFOs drive soaring corporate payment-fraud attacks
Generative AI tools like ChatGPT are making it easier for scammers to create bogus texts and emails as well as deep-fake voices at scale.
By Alexei Alexis • Jan. 23, 2024 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA’s 1,200 pre-ransomware alerts saved organizations millions in damages
The federal agency’s early warning system notified organizations across multiple critical infrastructure sectors of potential impending attacks.
By Matt Kapko • Jan. 19, 2024 -
Getty Images via Getty Images
Ivanti Connect Secure devices face active exploitation, patch schedule staggered
Unauthenticated attackers can take control of systems by exploiting the zero days, which a suspected state-linked threat actor is chaining together.
By David Jones • Jan. 11, 2024 -
iStock/Getty Images Plus via Getty Images
5 cybersecurity trends to watch in 2024
Preventative measures remain woefully unmet, the scourge of ransomware is as bad as its ever been, and a wave of new incident reporting and compliance regulations are taking hold. Buckle up, 2024 is here.
By David Jones , Matt Kapko • Jan. 10, 2024 -
Leon Neal via Getty Images
How to ensure data privacy in a ChatGPT world
CISOs and CIOs have to balance the need to restrict sensitive data from generative AI tools with the need for businesses to use these tools to improve processes and increase productivity.
By Sue Poremba • Jan. 9, 2024 -
WhataWin/Getty Images via Getty Images
DDoS attack traffic surged in 2023, Cloudflare finds
Elevated malicious DDoS activity coincided with mass exploits of the novel zero-day vulnerability HTTP/2 Rapid Reset, which threat actors used to launch DDoS attacks last year.
By Matt Kapko • Jan. 9, 2024 -
iStock / Getty Images Plus via Getty Images
Fleeting fake delivery phishing campaign targets last-minute shoppers
Text messages disguised as urgent or failed delivery notifications can create tension between impersonated delivery service companies and legitimate customers.
By Matt Kapko • Dec. 22, 2023 -
(2008). Retrieved from Environmental Protection Agency.
Water utility cyberattacks underscore ongoing threat to OT
U.S. officials urged water utilities and industrial sites to employ basic configuration safeguards like securing internet-facing devices and changing default passwords following a series of attacks.
By David Jones • Dec. 5, 2023 -
Alex Potemkin via Getty Images
Authorities raise alarm on threats against water, other critical sectors
An ongoing cyber campaign against Unitronics PLC devices has impacted multiple U.S. water facilities, but authorities are also monitoring energy, healthcare, and food and beverage manufacturing.
By David Jones • Dec. 4, 2023 -
Chip Somodevilla via Getty Images
For financial services firms, a pattern of malicious cyber activity is emerging
The suspected ransomware attack against Fidelity National Financial marks the latest in a series of incidents, leading regulators to take additional enforcement actions.
By David Jones • Nov. 29, 2023 -
Justin Sullivan/Getty Images via Getty Images
CitrixBleed worries mount as nation state, criminal groups launch exploits
LockBit 3.0 affiliates targeted a unit of Boeing and federal authorities have alerted almost 300 organizations they are vulnerable to attack.
By David Jones • Nov. 22, 2023 -
Shaun Taylor via Getty Images
Retailers brace for cyberthreat feast ahead of Thanksgiving shopping weekend
A rise in social engineering and generative AI pose increased risks as phishing attacks and ransomware gain speed and grow more sophisticated.
By David Jones • Nov. 21, 2023 -
Motortion via Getty Images
SMBs hit by rise in legitimate tool-based attacks
Attackers are moving away from malware and evading detection by abusing remote monitoring and management software, according to Huntress research.
By Matt Kapko • Nov. 21, 2023
Previous
