The Latest
-
Thossaphol via Getty Images
Moody’s cites credit risk from state-backed cyber intrusions into US critical infrastructure
Key sectors could face short-term revenue impacts and long-term reputational harm and litigation risk, the credit ratings service said.
-
armiblue/Getty Images Plus via Getty Images
Barracuda zero-day vulnerability exploited for 7 months before detection
The latest disclosure increases the potential for widespread compromise for customers using the security vendor’s email security gateway appliances.
-
gorodenkoff via Getty Images
PyPI to mandate 2FA by the end of 2023
The mandate is part of a larger effort to prevent account takeover attacks.
-
ipopba via Getty Images
ABB confirms ransomware attack resulted in data theft
The Switzerland-based industrial automation giant said customer systems were not directly impacted. Key services and factories remain operational.
-
Ron Smithson/Getty Images Plus via Getty Images
Royal messes with Texas
A trio of ransomware attacks targeting the Dallas metro area have the hallmarks of a targeted campaign. They also underscore a very real problem: society is becoming desensitized to disruption.
-
Mariakray via Getty Images
Ahead of summer holiday weekends, IT security leaders brace for deliberate cyber mischief
Recent history shows holiday weekends and vacations provide an attack surface bonanza for threat actors.
-
iStock/Getty Images Plus via Getty Images
Barracuda patches actively exploited zero-day vulnerability in email gateways
The security vendor declined to answer questions about how many customers were impacted and what, if any, customer data was compromised.
-
gorodenkoff/iStock via Getty Images
Broad campaign underway to access US critical infrastructure using small, home office devices
A state-linked actor, Volt Typhoon, is attempting to gain a foothold across U.S. networks amid rising tensions in the Pacific, Microsoft and the Five Eyes authorities said.
-
Chainarong Prasertthai via Getty Images
CISA updates ransomware guide 3 years after its debut
The #StopRansomware guide, updated in partnership with the FBI, NSA and MS-ISAC, reflects aggressive new techniques used by threat actors, including double extortion.
-
AndreyPopov via Getty Images
Why cyber is also a CIO problem
When an incursion occurs, IT teams need to have a recovery plan and backup systems ready for deployment.
-
stefanovsky via Getty Images
SMBs, regional MSPs under fire from targeted phishing attacks
Sophisticated cybercriminals are attacking vulnerable target rich and resource poor organizations to reach secondary victims via phishing campaigns, Proofpoint researchers warn.
-
Philip Steury via Getty Images
BEC attacks rise as criminal hackers employ new tactics to evade detection
Threat actors are using cybercrime as a service to grow industrial strength campaigns and leveraging residential IP addresses.
-
Leon Neal via Getty Images
KeePass master password manager at risk as users await patch
The exploit only works if the master password is typed directly into KeePass. However, a patch won’t be available for weeks.
-
f11photo via Getty Images
Dallas under pressure as Royal ransomware group threatens leak
By listing Dallas on its leak site on the dark web, Royal rebutted the city’s claims that data was not compromised during the attack.
-
MicroStockHub via Getty Images
IT security budgets are shifting as companies target risk reduction
Organizations are designing their security spending around keeping the business secure and operations running smoothly.
-
Retrieved from Dole.
Dole incurs $10.5M in direct costs from February ransomware attack
The attack impacted about half of Dole's legacy company’s servers and one-quarter of its end-user computers.
-
MicroStockHub via Getty Images
Critical infrastructure security spending to grow 83% by 2027: ABI Research
Analysts forecast cybersecurity spending among critical infrastructure organizations to grow from an estimated $129 billion in 2022 to almost $236 billion by 2027.
-
iStock via Getty Images
Why and how to report a ransomware attack
The majority of ransomware attacks go unreported, creating a blind spot that hampers response, recovery efforts and the prevention of future attacks.
-
UMass Memorial agrees to pay $1.2M to settle FLSA claims stemming from Kronos attack
A ransomware attack took the UKG product offline for weeks and has spawned several lawsuits.
-
gorodenkoff via Getty Images
Cyber resilience programs falling short on preparing workers for a crisis
The report from Immersive Labs raises questions about whether corporate employees would know how to respond after a major cyberattack.
-
drnadig via Getty Images
House hearing details cyber resilience efforts for energy, water and healthcare
Officials from the Department of Health and Human Services, Environmental Protection Agency and the Department of Energy testified how sector agencies are responding to rising threats.
-
Courtesy of Jacobs
Dallas courts still closed 2 weeks post-ransomware attack
Continued outages also prevent police from accessing data, which is severely impacting efforts to reduce crime as summer approaches, Police Chief Eddie Garcia said.
-
Courtesy of Taco Bell
Yum Brands faces class action suits from employees after ransomware attack
The Taco Bell and KFC operator is facing litigation after some personal data of company employees was stolen in the attack.
-
Matt Kapko/Cybersecurity Dive
VMware’s ‘target-rich environment’ is growing more volatile, CrowdStrike warns
Ransomware groups continue to target VMware because they know the virtualization infrastructure is vulnerable and lacks security tools, threat researchers said.
-
WhataWin via Getty Images
Emerging ransomware group quickly hits 4 critical infrastructure providers
The financially motivated threat actor attacked organizations in manufacturing, finance, insurance and pharmaceuticals within a week of its debut.
