Threat actors are using remote monitoring software to launch phishing attacks

A joint warning from CISA, the NSA and MS-ISAC warns APT actors could leverage legitimate tools using help-desk themed lures to gain persistence. 

By David Jones • Jan. 26, 2023

World Economic Forum officials warn global instability could lead to catastrophic cyber event

A report released at the WEF said top business leaders and security experts fear heightened geopolitical tensions could result in a major attack in the next two years.

By David Jones • Jan. 19, 2023

Explore the Trendline➔

Risk Management

Now, public companies have to detail their cybersecurity risk management in annual filings, raising awareness on what many cyber experts already knew — security issues are business issues. 

By Cybersecurity Dive staff

Threat actors lure phishing victims with phony salary bumps, bonuses

Multiple campaigns underscore threat actors’ ability to shift tactics and target employees by exploiting current events and themes.

By Matt Kapko • Jan. 19, 2023

NRF forms cyberthreat intelligence partnership with RH-ISAC

The world’s largest retail association plans to collaborate on intelligence and advocacy in a heightened environment for ransomware and vulnerabilities.

By David Jones • Jan. 11, 2023

6 security experts on what cyberthreats they expect in 2023

Organizations will keep a close eye on geopolitical tension and supply chain attacks. But at the core, the biggest threats are built on mistakes.

By Naomi Eide , Matt Kapko , David Jones • Jan. 6, 2023

Rackspace recovers old emails as customers await answers from ransomware probe

The cloud-services company previously said an investigation into the ransomware incident was almost complete, but has not yet released key details. 

By David Jones • Dec. 22, 2022

Remote, third-party workers raise security risks for enterprises: report

A study on behalf of Talon shows third-party contractors are often engaged in risky behavior, using unmanaged devices or high-risk desktop technologies. 

By David Jones • Dec. 21, 2022

Incident responders brace for end-of-year cyber scaries

Fears of the next SolarWinds or Log4j-style incident hitting over the holidays have some cybersecurity experts on edge.

By Matt Kapko • Dec. 19, 2022

Rackspace blames ransomware attack on financially motivated threat actor

The cloud services firm says an investigation into the Dec. 2 ransomware attack is close to wrapping up.

By David Jones • Dec. 15, 2022

Threat actors abuse legitimate Microsoft drivers to bypass security

Researchers from Mandiant and SentinelOne say attackers have deployed malware that can allow them to get around security controls. 

By David Jones • Dec. 13, 2022

Infostealer malware surges on dark web amid rise in MFA fatigue attacks

Lapsus$, one of the most prolific ransomware actors of 2022, has utilized such tactics to breach a number of high-profile organizations.

By David Jones • Dec. 5, 2022

Cyber Safety Review Board to probe Lapsus$ ransomware spree

Following an inaugural review of Log4j, the board will investigate the threat actor’s prolific campaign of cyber extortion against major companies, including Uber, T-Mobile and Nvidia.

By David Jones • Dec. 2, 2022

Walmart security, operating at a vast scale, turns to automation

Security operations centers, part of Walmart Global Tech, process 6 trillion data points each year, a feat unattainable through manual methods. 

By Naomi Eide • Nov. 30, 2022

‘Tis the season for shopping and scams, CISA warns

Adversaries exploit individuals hunting for the best deals online during the holiday shopping season. If a deal looks too good to be true, trust your instincts — it's not.

By Matt Kapko • Nov. 23, 2022

K-12 schools lack resources, funding to combat ransomware threat

One-fifth of schools spend less than 1% of their IT budgets on security, a MS-ISAC report shows.

By David Jones • Nov. 14, 2022

Citrix CVEs need urgent security updates, CISA says

Though there's no active exploitation yet, Tenable researchers warn they expect threat actors to target the Citrix systems in the near term.

By David Jones • Nov. 10, 2022

Face it, password policies and managers are not protecting users

Passwords haven’t worked as a solid security strategy in a long time. The policies are there, so why are passwords security’s weak spot?

By Sue Poremba • Nov. 7, 2022

No, your CEO is not texting you

Everyone wants to stay on good terms with their employer. Threat actors know this too, and they exploit this weakness accordingly. Don’t fall for it.

By Matt Kapko • Nov. 3, 2022

Industrial providers ramp up cyber risk posture as OT threats evolve

The majority of industrial organizations have increased OT security budgets and conducted security audits but aging technology and staffing woes persist, a new report found. 

By David Jones • Oct. 31, 2022

GAO to feds: More coordination needed to strengthen K-12 cybersecurity

The government watchdog said the Ed Department and CISA have “little to no interaction” with other agencies and the K-12 community on cybersecurity.

By Anna Merod • Oct. 25, 2022

Mandiant CEO pledges to automate threat intel under Google

Google’s chops in artificial intelligence, cloud computing and analytics play a central role in Mandiant’s emboldened vision.

By Matt Kapko • Oct. 17, 2022

Lloyd’s, after proactively taking systems offline, finds no evidence of compromise

Lloyd’s plans to restore full service by Wednesday after an investigation with Mandiant, NTT and its internal team.

By Naomi Eide • Oct. 10, 2022

Details emerge on CommonSpirit’s ‘IT security incident’ as more regions report disruptions

Some CommonSpirit hospitals across the country have been cut off from their electronic health records forcing them to revert to paper charts. 

By Samantha Liss • Oct. 5, 2022

State-linked actor targets VMware hypervisors with novel malware

The technique was discovered by Mandiant researchers looking into a campaign designed to avoid EDR detection.

By David Jones • Sept. 29, 2022

Most organizations had a cloud-related security incident in the past year

Security leaders consider the risk of cloud-based incidents higher than on-premises incidents, yet they expect to move more applications to the cloud. 

By David Jones • Sept. 28, 2022