The Latest
-
Andrii Yalanskyi via Getty Images
Ill-prepared against cyberattacks? You’re not alone, Cisco says
The cybersecurity readiness gap looms large, and smaller organizations were ranked the least prepared.
-
Just_Super/Getty Images via Getty Images
Ransomware gangs incite fear in victims to fuel attacks
Attacks involving data theft nearly doubled and harassment spiked 20 times by late 2022, Palo Alto Networks Unit 42 said.
-
Techa Tungateja via Getty Images
Outlook zero-day still vulnerable to attackers with prior access, researchers find
Days after Microsoft issued a patch, researchers demonstrated that threat actors could still bypass the mitigation steps from within a network.
-
Just_Super via Getty Images
Zero-days fell by one-third in 2022, Mandiant says
Zero-day vulnerabilities in security, IT and network management products, which are consistently connected to the internet, claimed nearly 1 in 5 exploits.
-
gorodenkoff via Getty Images
Security drives software purchases for half of US companies
The study from Capterra comes weeks after the U.S. rolled out plans to shift liability for weak product security onto the tech industry.
-
Viorika via Getty Images
Global cybersecurity spending to top $219B this year: IDC
Persistent cyberattack threats, increased regulations and the demands of hybrid work are driving sustained growth.
-
Brendan Smialowski / Stringer via Getty Images
SEC proposes cybersecurity disclosure rules for financial industry specialists
The changes would require broker-dealers and other entities to adopt written plans to minimize risk and promptly disclose major incidents.
-
Permission granted by Google
Google Cloud joins FS-ISAC’s critical providers program to share threat intel
The move is part of a wider industry effort to enhance supply chain security in the financial services sector.
-
TU IS via Getty Images
Outlook zero day linked to critical infrastructure attacks
State-linked actors have targeted oil and gas, transportation and defense industries in Europe.
-
Chris Gorgio via Getty Images
Cybersecurity market confronts potential consequences of banking crisis
Bank seizures impose new challenges on vendors in every segment and may spur consolidation.
-
Retrieved from Wawa website.
Wawa to pay up to $28.5M in data breach settlement
The chain’s latest payout will go to the financial institutions involved in the 2019 incident, continuing a series of payments it has made to customers and states over the past year.
-
Avosb via Getty Images
MKS Instruments hit by class-action litigation following ransomware attack
The company, a supplier to the semiconductor industry, has begun to recover its production capabilities and is working to upgrade its cyber defenses.
-
Chip Somodevilla/Getty Images via Getty Images
Ransomware hit critical infrastructure hard in 2022, FBI says
Many ransomware attacks go unreported to law enforcement, making it difficult for authorities to assess the full scope of impact.
-
Philip Steury via Getty Images
Bank failure panic fuels moment of opportunity for threat actors
As regulators step in to operate Silicon Valley Bank, threat hunters and security executives warned organizations to look out for malicious activity.
-
Danai Jetawattana via Getty Images
CISA launches ransomware warning pilot for critical infrastructure providers
The agency already warned dozens of organizations about ProxyNotShell.
-
Justin Sullivan via Getty Images
SVB turmoil could mean long-term uncertainty for enterprise IT
The demise of Silicon Valley Bank created a void in tech startup funding and raises questions about the health of the vendor ecosystem.
-
Permission granted by Carnegie Mellon University
Shift to secure-by-design must start at university level, CISA director says
Jen Easterly says secure coding and memory safety should be incorporated into computer science curriculum.
-
Jacob Lund via Getty Images
CSO vs. CISO: What’s the difference and does it matter?
The person in charge of physical security used to monitor keys and supervise guards. Now, the physical and digital are colliding.
-
Illustration: Yann Bastard for Industry Dive
Deep DiveHacking healthcare: With 385M patient records exposed, cybersecurity experts sound alarm on breach surge
Healthcare companies must harden their defenses, but it may require regulators and lawmakers to raise the bar on security standards, experts say.
-
Chip Somodevilla via Getty Images
Blackbaud to pay $3M to settle SEC charges of a misleading ransomware investigation
The regulator said the cloud-based software provider made misleading disclosures about the scope of a 2020 ransomware attack.
-
gorodenkoff via Getty Images
GitHub to begin rollout of 2FA security upgrade for developers
The enhancement is part of a wider series of security measures following a series of malicious cyberattacks.
-
maciek905 via Getty Images
CrowdStrike grows subscriber base as customers consolidate security services
CEO George Kurtz took more shots at Microsoft as CrowdStrike draws customers looking to eliminate multiple vendors.
-
Nastco via Getty Images
How will the government enforce the national cyber strategy?
Efforts to enact laws and regulations that impose greater responsibility on the technology sector aren’t likely to come quick or easy.
-
sdecoret via Getty Images
Worried about data breaches? Blame the information sector
Three in five records exposed in a data breach last year came from software, telecom, data processing and web hosting companies, Flashpoint found.
-
Joe Raedle / Staff via Getty Images
TSA unveils emergency cybersecurity requirements for airlines, airports
The requirements follow the release of the Biden administration’s national cybersecurity strategy, which includes enhanced measures for critical infrastructure.
