Companies are getting smarter about cyber incidents

Although incidents are up and risks are expanding, businesses are better prepared to send threat actors away empty-handed, a specialist says.

By Robert Freedman • Nov. 21, 2023

SMBs hit by rise in legitimate tool-based attacks

Attackers are moving away from malware and evading detection by abusing remote monitoring and management software, according to Huntress research.

By Matt Kapko • Nov. 21, 2023

Explore the Trendline➔

Risk Management

Now, public companies have to detail their cybersecurity risk management in annual filings, raising awareness on what many cyber experts already knew — security issues are business issues. 

By Cybersecurity Dive staff

Dragos again targeted by ransomware group, this time from AlphV

The industrial cybersecurity specialist previously thwarted a shakedown attempt in May and says the current threat has not been substantiated.

By David Jones • Nov. 13, 2023

MGM Resorts anticipates no further disruptions from September cyberattack

The company expects insurance to cover more than $100 million in losses stemming from lost bookings and disruptions at its Las Vegas properties.

By David Jones • Nov. 9, 2023

Ransomware targeting casinos is on the rise, FBI warns

Threat actors have used phishing attacks and exploited vulnerabilities in third-party vendor remote access tools to target the casino gaming industry.

By Matt Kapko • Nov. 9, 2023

Caesars shakes off cyberattack with strong Q3 Las Vegas demand

The casino operator, however, faces extensive litigation and government inquiries following theft of its customer rewards database.

By David Jones • Nov. 1, 2023

Cisco releases security fix for widely-exploited IOS XE software vulnerability

An unidentified threat actor is linked to attacks dating back to mid-September, resulting in about 42,000 exploited devices.

By David Jones • Updated Oct. 23, 2023

SMBs seek cyber training, support as attack risk surges

A report from Sage indicates SMBs face considerable obstacles to preventing cyberattacks when compared to larger, higher resourced enterprises.

By David Jones • Oct. 16, 2023

CISA urges security upgrades as DDoS continues to target Rapid Reset zero day

Microsoft released guidance on mitigation steps, while F5 warned about denial of service attack risk against Nginx Open Source.

By David Jones • Oct. 11, 2023

Cloud giants sound alarm on record-breaking DDoS attacks

Google, AWS and Cloudflare warned the HTTP/2 Rapid Reset attacks are beyond anything ever recorded. 

By David Jones • Oct. 10, 2023

CISA pivots focus to China-linked threats against critical infrastructure

The agency now considers China the top nation-state threat, after a heavy emphasis on risks related to the Russia-Ukraine war.

By David Jones • Oct. 5, 2023

Cisco routers abused by China-linked hackers against US, Japan companies

A longstanding group, identified as BlackTech, uses custom malware to evade detection and hack into international subsidiaries of U.S. and Japanese firms.

By David Jones • Sept. 28, 2023

Average insider cyberthreat cost spikes 40% in 4 years

Outsmarting insiders is a “go-to tactic” for many cyberattackers looking to steal credentials and gain access to critical data, the Ponemon Institute found.

By Alexei Alexis • Sept. 22, 2023

AI is entering the enterprise application security tool stack

Reports from Gartner and Rackspace show a broad enterprise appetite to weave AI into the tool stack, especially across application security.

By Naomi Eide • Sept. 20, 2023

FBI director urges private sector to work with the agency on cyber threats

Christopher Wray told attendees at Mandiant’s mWISE 2023 private sector assistance contributed to the success of several recent operations.

By David Jones • Sept. 19, 2023

Security has an underlying defect: passwords and authentication

Cyberattacks are fueled by the shortcomings of business authentication controls. Bad things happen when access falls apart and credentials land in the wrong hands.

By Matt Kapko • Sept. 18, 2023

Generative AI, contactless tech make hotels vulnerable to cyberattacks

Guest and worker turnover, as well as new technology adoption, make the hospitality industry an appealing target for cybercriminals, according to Trustwave SpiderLabs.

By Noelle Mateer • Sept. 8, 2023

Ransoming Linux and ESXi systems is getting easier

Threat actors are using memory-safe languages to release payloads for Windows, Linux and ESXi simultaneously, SentinelOne researchers warn.

By Matt Kapko • Aug. 24, 2023

Barracuda ESG zero-day exploit still under way after patches fail

The FBI said users need to isolate and replace affected appliances as threat actors continue to target the remote command injection vulnerability.

By David Jones • Aug. 24, 2023

Hackers target Pentagon contract site via compromised routers

Research from Black Lotus Labs says the new activity aligns with recent state-linked campaigns, including Volt Typhoon.

By David Jones • Aug. 23, 2023

How disjoined threat intelligence limits companies — and what to do about it

There’s no shortage of research on attackers, but for many CISOs, turning those insights into action is a difficult endeavor.

By Matt Kapko • Aug. 15, 2023

Valid account credentials are behind most cyber intrusions, CISA finds

The success rate of these techniques underscores the staying power of the most common methods threat actors use to gain initial access to targeted systems.

By Matt Kapko • July 28, 2023

TSA revises security directives for oil and gas pipelines to test resilience

The updated requirements come amid heightened threats and security incidents, including the recent attack against Suncor Energy in Canada.

By David Jones • July 27, 2023

Microsoft attackers may have data access beyond Outlook, researchers warn

Microsoft is pushing back on claims by Wiz that compromised private encryption keys may have exposed SharePoint, Teams and OneDrive data to an APT actor.

By David Jones • July 21, 2023

DDoS attacks, growing more sophisticated, surged in Q2

One of the more serious incidents used a Mirai-variant botnet to unleash an ACK flood DDoS attack that peaked at 1.4 terabits per second, Cloudflare found.

By David Jones • July 19, 2023