The Latest
-
Amy Sparwasser/ iStock via Getty Images
Tech giants pledge multimillion down payment to secure open source
Top technology companies offered $30 million toward a two-year goal to bolster software supply chain security.
-
Sean Gallup/Getty Images via Getty Images
Emotet reemerges as top malware in circulation
The botnet’s activity surged 2,823% between Q4 2021 and Q1 2022, displaying a more recent shift in targets, HP Wolf Security analysts said.
-
Alex Wong via Getty Images
White House cyber executive order still has unfinished business
The Biden administration is up against key hurdles in its effort to raise software security standards and establish zero trust across federal agencies.
-
Anastasia Vlasova via Getty Images
US, allies blame Russia for Viasat cyberattack
The Five Eyes and other EU authorities linked Russia to a series of web defacement, DDoS and destructive wiper attacks in the weeks leading up to the Ukraine invasion.
-
Motortion via Getty Images
SEO-savvy threat actors drive surge in malware downloads
Cybercriminals flooded Google and Bing with malicious PDF files that contain commonly searched keywords, resulting in a 450% annualized increase in phishing downloads.
-
Drew Angerer via Getty Images
Colonial Pipeline faces nearly $1M in penalties as federal regulator discloses violations
The Transportation Department’s pipeline safety regulator scrutinized control room management, which may have contributed to the fuel disruptions from the 2021 ransomware attack.
-
Retrieved from GPA Photo Archive.
Vet software security as part of enterprise procurement, NIST says
The guidance, an answer to last year's executive order, examines where and when potential supply chain vulnerabilities can surface.
-
South_agency via Getty Images
Threat actor launches email attacks to lift corporate M&A secrets, Mandiant says
The suspected threat actor, UNC3524, lurks in victim environments for at least 18 months.
-
DKosig via Getty Images
Ukraine cyberthreat activity ramps up against critical infrastructure, governments
Researchers say state-linked and criminal activity has risen in recent weeks.
-
Chainarong Prasertthai via Getty Images
Microsoft, Apple and Google double down on FIDO passwordless standard
The move is designed to boost digital security by allowing users to quickly authenticate across multiple devices and platforms.
-
themotioncloud via Getty Images
Familiar names top 2021's most-exploited vulnerabilities list
Top ransomware operators, including Hive and Conti, are exploiting flawed systems to launch new attacks, researchers warn.
-
anyaberkut via Getty Images
Critical CVEs put Aruba Networks, Avaya enterprise switches at risk
Researchers previously found similar vulnerabilities in Smart-UPS devices.
-
Kena Betancur via Getty Images
M&A sets record pace as ransomware, nation-state threats fuel security demand
Enterprise customers seek consolidated, end-to-end platforms to anticipate, detect and eliminate threats.
-
Chris McGrath via Getty Images
New wiper, worm attacks emerge in Ukraine targeting government and industry
CISA shared indicators of compromise Thursday, months after the malware strains emerged.
Updated April 29, 2022 -
Yudram_TA via Getty Images
Ransomware attacks, payouts soared worldwide in 2021: report
More organizations are paying ransoms as attacks grow in sophistication.
-
Getty / edited by Healthcare Dive
Tenet says 'cybersecurity incident' disrupted hospital operations
The for-profit health system has restored most critical functions, while affected facilities are starting to resume normal operations.
-
atiatiati via Getty Images
What cyber insurance companies want from clients
Insurers evaluate how a company leverages technology and what internal standards are in place to manage risk.
-
anyaberkut via Getty Images
Emotet botnet tests new techniques after global crackdown
The once prolific botnet, returning from "spring break," is preparing a new high-volume campaign, Proofpoint researchers said.
-
themotioncloud via Getty Images
IT leaders remain bullish on open source despite security hiccups
Enterprise adoption of open source has not cooled, but flaws have highlighted the need for a better understanding of dependencies.
-
vchal via Getty Images
HHS warns providers of 'exceptionally aggressive' ransomware group
The Hive group practices double extortion — demanding payment to free data it has encrypted while also threatening to release the unencrypted data publicly.
-
metamorworks via Getty Images
AWS reissues Log4Shell hotpatch after vulnerabilities found
Researchers warn attackers can escape containers and escalate privileges.
-
Patterson, Richard. Retrieved from Flickr.
Banks face 'tight deadline' under new cyber notification rule
The May 1 cutoff to comply with the rule comes as the Biden administration has warned U.S. businesses about the increasing risk of Russian cyberattacks.
-
onurdongel via Getty Images
Cyber agencies renew warnings of Russia-linked threats against industrial targets
Separately, the U.S. is expanding the Joint Cyber Defense Collaborative to include experts on industrial control systems.
-
Leon Neal via Getty Images
Behind the push to finally eliminate passwords
The FIDO Alliance is pushing for smartphones to become the authentication standard as the tech industry presses for new methods.
-
DKosig via Getty Images
Threat detection accelerates in Asia, Europe, as notification trends shift
Median dwell time fell as organizations boosted cybersecurity defenses, shared threat intelligence.
