The Latest
-
luza studios via Getty Images
Critical VMware vulnerabilities resurface after threat actors evade patches within 48 hours
Even with new patches available, CISA is concerned that threat actors will easily shake off the fixes once again.
-
Megan Quinn/Cybersecurity Dive
Biden administration makes inroads amid zero trust rollout
More than 50 federal agencies expect to have EDR technology by the end of fiscal year.
-
Permission granted by Proofpoint
CISOs say they're at less risk of a substantial cyberattack
A modest confidence boost and more deliberate security strategies follow two years of pandemic-induced chaos, a Proofpoint-sponsored survey found.
-
Sean Rayford / Stringer via Getty Images
How the Colonial Pipeline attack instilled urgency in cybersecurity
The federal government and private sector are still coming to terms with how to protect operational technology in an increasingly volatile threat environment.
-
Yuri Arcurs via Getty Images
Enterprises rarely follow advice to never pay ransoms
Ransomware foists a difficult choice on executives and very few leave business operations in limbo to test a best practice.
-
qingwa via Getty Images
Companies need to align cyber and disclosure efforts: SEC attorney
The SEC aims to protect investors from cyber-related risks by cracking down on companies that release misleading disclosures about cyberattacks.
-
Amy Sparwasser/ iStock via Getty Images
Tech giants pledge multimillion down payment to secure open source
Top technology companies offered $30 million toward a two-year goal to bolster software supply chain security.
-
Sean Gallup/Getty Images via Getty Images
Emotet reemerges as top malware in circulation
The botnet’s activity surged 2,823% between Q4 2021 and Q1 2022, displaying a more recent shift in targets, HP Wolf Security analysts said.
-
Alex Wong via Getty Images
White House cyber executive order still has unfinished business
The Biden administration is up against key hurdles in its effort to raise software security standards and establish zero trust across federal agencies.
-
Anastasia Vlasova via Getty Images
US, allies blame Russia for Viasat cyberattack
The Five Eyes and other EU authorities linked Russia to a series of web defacement, DDoS and destructive wiper attacks in the weeks leading up to the Ukraine invasion.
-
Motortion via Getty Images
SEO-savvy threat actors drive surge in malware downloads
Cybercriminals flooded Google and Bing with malicious PDF files that contain commonly searched keywords, resulting in a 450% annualized increase in phishing downloads.
-
Drew Angerer via Getty Images
Colonial Pipeline faces nearly $1M in penalties as federal regulator discloses violations
The Transportation Department’s pipeline safety regulator scrutinized control room management, which may have contributed to the fuel disruptions from the 2021 ransomware attack.
-
Retrieved from GPA Photo Archive.
Vet software security as part of enterprise procurement, NIST says
The guidance, an answer to last year's executive order, examines where and when potential supply chain vulnerabilities can surface.
-
South_agency via Getty Images
Threat actor launches email attacks to lift corporate M&A secrets, Mandiant says
The suspected threat actor, UNC3524, lurks in victim environments for at least 18 months.
-
DKosig via Getty Images
Ukraine cyberthreat activity ramps up against critical infrastructure, governments
Researchers say state-linked and criminal activity has risen in recent weeks.
-
Chainarong Prasertthai via Getty Images
Microsoft, Apple and Google double down on FIDO passwordless standard
The move is designed to boost digital security by allowing users to quickly authenticate across multiple devices and platforms.
-
themotioncloud via Getty Images
Familiar names top 2021's most-exploited vulnerabilities list
Top ransomware operators, including Hive and Conti, are exploiting flawed systems to launch new attacks, researchers warn.
-
anyaberkut via Getty Images
Critical CVEs put Aruba Networks, Avaya enterprise switches at risk
Researchers previously found similar vulnerabilities in Smart-UPS devices.
-
Kena Betancur via Getty Images
M&A sets record pace as ransomware, nation-state threats fuel security demand
Enterprise customers seek consolidated, end-to-end platforms to anticipate, detect and eliminate threats.
-
Chris McGrath via Getty Images
New wiper, worm attacks emerge in Ukraine targeting government and industry
CISA shared indicators of compromise Thursday, months after the malware strains emerged.
Updated April 29, 2022 -
Yudram_TA via Getty Images
Ransomware attacks, payouts soared worldwide in 2021: report
More organizations are paying ransoms as attacks grow in sophistication.
-
Getty / edited by Healthcare Dive
Tenet says 'cybersecurity incident' disrupted hospital operations
The for-profit health system has restored most critical functions, while affected facilities are starting to resume normal operations.
-
atiatiati via Getty Images
What cyber insurance companies want from clients
Insurers evaluate how a company leverages technology and what internal standards are in place to manage risk.
-
anyaberkut via Getty Images
Emotet botnet tests new techniques after global crackdown
The once prolific botnet, returning from "spring break," is preparing a new high-volume campaign, Proofpoint researchers said.
-
themotioncloud via Getty Images
IT leaders remain bullish on open source despite security hiccups
Enterprise adoption of open source has not cooled, but flaws have highlighted the need for a better understanding of dependencies.
