Malicious OAuth applications used to control Exchange tenants in sweepstakes scam

Microsoft researchers said a threat actor launched credential-stuffing attacks against high-risk accounts that failed to deploy multifactor authentication.

By David Jones • Sept. 23, 2022

Stolen single sign-on credentials for major firms available for sale on dark web

Stolen SSO credentials are available for half of the top 20 public companies, and 25% of the entire S&P 500, BitSight found.

By David Jones • Sept. 21, 2022

Explore the Trendline➔

Risk Management

Now, public companies have to detail their cybersecurity risk management in annual filings, raising awareness on what many cyber experts already knew — security issues are business issues. 

By Cybersecurity Dive staff

State education leaders prioritize cybersecurity, but lack funding

In a survey by the State Educational Technology Directors Association, 57% of respondents said their state provides a low amount of funding for cybersecurity.

By Anna Merod • Sept. 15, 2022

Energy providers hit by North Korea-linked Lazarus exploiting Log4j VMware vulnerabilities

Cisco Talos researchers observed the advanced persistent threat actor infiltrating networks during a six-month campaign.

By Matt Kapko • Sept. 13, 2022

US Treasury sanctions Iran intelligence agency following Albanian government attack

The Treasury Department said Iran has engaged in malicious cyber activity against government and private sector organizations, including critical infrastructure targets, since at least 2007.

By David Jones • Sept. 12, 2022

Researchers warn older D-Link routers are under threat from Mirai malware variant

Attackers are leveraging vulnerabilities in the devices to build botnets and launch DDoS attacks, according to Palo Alto Networks research.

By David Jones • Sept. 8, 2022

Changing cyber insurance guidance from Lloyd’s reflects a market in turmoil

Rising ransomware attacks and higher payout demands have battered the insurance industry, leaving many organizations exposed and vulnerable. 

By David Jones • Aug. 29, 2022

How does Privileged Access Management work?

The model is a framework to help you set the right PAM foundation and get your organization on the PAM journey, now and in the future.

Aug. 29, 2022

Tips for how to safeguard against third-party attacks

Organizations need to demand and ensure all vendors implement rigorous security measures. Sometimes the least likely tools pose the most risk. 

By Matt Kapko • Aug. 25, 2022

Ransomware attack surges tied to crypto spikes

Not every ransomware attempt leads to a successful attack. But with more attempts comes more potential damage.

By Matt Kapko • Aug. 24, 2022

Credential stuffing hammers US businesses as account data for sale in bulk

Media companies, retailers, restaurant groups and food delivery services are at heightened risk, the FBI said.

By Matt Kapko • Aug. 23, 2022

LockBit ransomware group claims responsibility for Entrust attack

The prolific ransomware gang threatened to publish data stolen during the attack.

By Matt Kapko • Aug. 19, 2022

Mailchimp breach shines new light on digital identity, supply chain risk

Sophisticated threat actors are targeting weak links in the email marketing space to go after vulnerable financial targets.

By David Jones • Aug. 18, 2022

The same old problems nag cybersecurity professionals

Technical complexities abound as the perceived level of risk rises in an unrelenting fashion.

By Matt Kapko • Aug. 17, 2022

How attackers are breaking into organizations

Threat actors lean heavily on phishing attacks, vulnerabilities in software and containers, and stolen credentials, according to top cyber vendor research.

By Matt Kapko • Aug. 15, 2022

Critical flaws on widely used Cisco firewalls left unpatched for months

Most of the vulnerabilities allow attackers to execute arbitrary code, Rapid7 researchers said.

By David Jones • Aug. 12, 2022

Don’t count on government, tech vendors to fix security woes, former CISA chief Krebs says

The state of cybersecurity is bad and it’s going to get worse, Chris Krebs said at Black Hat. But somehow things might eventually get better.

By Matt Kapko • Aug. 10, 2022

AWS, Splunk lead open source effort to spot and curb cyberattacks

A broad group of 18 tech companies are collaborating to establish a less cumbersome model for cybersecurity defense coordination.

By Matt Kapko • Aug. 10, 2022

Cloudflare thwarts ‘sophisticated’ phishing attack strategy that bruised Twilio

Dissimilar responses from Cloudflare and Twilio bear important lessons in transparency, resiliency and access.

By Matt Kapko • Aug. 9, 2022

The 11 most-prevalent malware strains of 2021 fuel cybercrime

Cybercriminals remain the most prolific users of malware, wielding these top strains to deliver ransomware and steal data.

By Matt Kapko • Aug. 5, 2022

Ransomware defense guidance risks hang-ups under many steps

Small and mid-sized businesses don’t typically have the resources to meet every safeguard. But every action, however small, helps.

By Matt Kapko • Aug. 4, 2022

Threat actors hide malware in legitimate — and high profile — applications

Researchers from VirusTotal show how attackers use social engineering techniques to launch malicious attacks behind trusted applications.

By David Jones • Aug. 3, 2022

Initial access brokers selling online access to unsuspecting MSPs

The ads for initial access to MSPs follow warnings from the FBI, CISA and intelligence partners from the Five Eyes.

By David Jones • Aug. 2, 2022

Most cyberattacks come from ransomware, email compromise

Attackers are scanning for vulnerabilities in unpatched systems within 15 minutes, stressing the pace and scale of the threat.

By Matt Kapko • Aug. 1, 2022

Threat actors shifting tactics as Microsoft blocks, unblocks and reblocks macros

Proofpoint researchers say criminal hackers are turning to container files and Windows shortcuts to distribute malware.

By David Jones • July 29, 2022