The Latest
-
Robert Mora via Getty Images
Caesars Entertainment faces class action lawsuits following rewards database hack
At least four separate plaintiffs allege the company was negligent for allowing their sensitive personal data to be stolen in a social engineering attack by criminal threat groups.
-
Center for Strategic and International Studies
CISA rolls dice on public service campaign to raise cyber awareness
The agency is hoping to get families and small businesses to adopt MFA, use stronger passwords and recognize phishing attacks.
-
Christopher Doering/Cybersecurity Dive
Campbell Soup says summer cyberattack caused limited business impact
The company will incur some costs, but it considers the disruption nonmaterial.
-
Naomi Eide/Cybersecurity Dive
AWS bets on accuracy in generative AI deployment race
The cloud giant is taking a full-stack approach to generative AI, which doubles down on security and reliable results.
-
Ethan Miller via Getty Images
MGM Resorts warns customers of fraud as it faces class action lawsuits
The plaintiffs claim the company was negligent for failing to protect customer data despite prior warnings about previous attacks.
-
Vitalii Pasichnyk/Getty via Getty Images
Deep DiveMOVEit mass exploit timeline: How the file-transfer service attacks entangled victims
The slow-moving disaster has ensnared some of the world's largest enterprises. Cybersecurity experts expect further damage to come.
Updated Sept. 25, 2023 -
dibrova via Getty Images
Royal lurked in Dallas’ systems weeks before ransomware attack
The prolific threat actor gained initial access on April 7 and stole almost 1.2 TB of data before it deployed ransomware on May 3, city officials said in a post-attack report.
-
Markus Spiske
CISA urges use of memory safe code in software development
Unsafe programming languages, like C and C++, account for more than 70% of security vulnerabilities.
-
AndreyPopov via Getty Images
Average insider cyberthreat cost spikes 40% in 4 years
Outsmarting insiders is a “go-to tactic” for many cyberattackers looking to steal credentials and gain access to critical data, the Ponemon Institute found.
-
Ethan Miller via Getty Images
MGM Resorts says hotel, casino operations back up and running
The company was still working to restore online functionality for hotel reservations and rewards program users following a major cyberattack.
-
Justin Sullivan via Getty Images
Cisco to buy Splunk for $28B
Forrester's Allie Mellen calls it a massive win for Cisco's security business, but said security leaders are concerned about potential SIEM quality degradation.
-
Permission granted by FDD
US is making headway on securing cyber infrastructure, commission says
While Cyberspace Solarium Commission leaders praised U.S. cybersecurity improvements, they said more work is needed to secure critical infrastructure.
-
NicoElNino via Getty Images
AI is entering the enterprise application security tool stack
Reports from Gartner and Rackspace show a broad enterprise appetite to weave AI into the tool stack, especially across application security.
-
Justin Sullivan via Getty Images
Clorox warns of product shortages a month after disclosing cyberattack
The household product maker said the incident damaged IT systems and will have a material effect on its fiscal Q1 performance.
-
Courtesy of Mandiant
FBI director urges private sector to work with the agency on cyber threats
Christopher Wray told attendees at Mandiant’s mWISE 2023 private sector assistance contributed to the success of several recent operations.
-
iStock / Getty Images Plus via Getty Images
Deep DiveSecurity has an underlying defect: passwords and authentication
Cyberattacks are fueled by the shortcomings of business authentication controls. Bad things happen when access falls apart and credentials land in the wrong hands.
-
Getty Images via Getty Images
SEC cyber disclosure rules: What’s the role of the CIO?
CIOs are on the front lines of managing the IT estate, making them a critical part of rapid incident response.
-
Ethan Miller via Getty Images
MGM, Caesars attacks raise new concerns about social engineering tactics
Multiple threat groups have employed the same criminal tool kit to target vulnerable systems.
-
LeoPatrizi via Getty Images
5 steps organizations can take to counter IAM threats
Many organizations lean on identity and access management tools to perform credential management and authentication. But these systems aren’t foolproof.
-
Ethan Miller via Getty Images
Threat actors claim to have compromised MGM Resorts’ Okta environment
AlphV may have used tactics similar to social engineering attacks disclosed by Okta in regulatory filing.
-
Win McNamee via Getty Images
6 stories on how SEC’s cyber rules are changing security response
As enforcement of the rules takes effect later this year, themes around how and when businesses will disclose security incidents will emerge.
-
Robert Mora via Getty Images
MGM Resorts disruption linked to recent attacks against hospitality industry
Security researchers link the threat group Scattered Spider to a wave of malicious activity as Caesars Entertainment confirms social engineering attack in regulatory filing.
-
Drew Angerer via Getty Images
White House, federal cyber leaders pledge renewed support for open source security
CISA released a roadmap for open source software security as industry officials convened to map out additional steps to protect federal agencies and the larger ecosystem.
-
Robert Mora via Getty Images
MGM Resorts discloses cyber incident in filing with SEC
Moody’s Investors Service called the cyber incident credit negative, and MGM is still taking steps to protect data and fully secure business operations.
-
Getty via Getty Images
Compromised credential use jumps 300% in cloud intrusions: IBM
Valid credentials are also a hot commodity in the cybercrime marketplace, accounting for the vast majority, almost 90%, of assets for sale on the dark web, IBM found.
