The Latest
-
SMBs hit by rise in legitimate tool-based attacks
Attackers are moving away from malware and evading detection by abusing remote monitoring and management software, according to Huntress research.
-
Sponsored by Tines
The top cybersecurity events and conferences in 2024, according to security pros
Which security conferences are teams prioritizing in 2024? A new report reveals the 7 most popular events in the cybersecurity calendar.
-
Companies are getting smarter about cyber incidents
Although incidents are up and risks are expanding, businesses are better prepared to send threat actors away empty-handed, a specialist says.
-
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA explains how to apply secure-by-design principles
The focus should be on what manufacturers are doing to keep their customers safe, not the damage attackers might be inflicting, CISA’s Bob Lord said.
-
Threat actors behind Las Vegas casino attacks are social-engineering mavens
Scattered Spider threat actors are attacking large companies and their IT help desks to steal data for extortion, according to federal cyber authorities.
-
‘Honesty’: Estes details its playbook for responding to a cyberattack
Being open about the incident engendered goodwill from customers and colleagues, executives said.
-
Stanley Steemer hack breached data of almost 67K customers
The cleaning company said attackers gained access to its systems nearly a month before the intrusion was discovered in March.
-
FCC proposes 3-year cybersecurity pilot for schools, libraries
The agency will seek public comment on the proposal, which will explore how the Universal Service Fund can support school and library cyber concerns.
-
Cisco looks to Splunk for security business growth
Security remains a small part of Cisco’s business, but Splunk could bolster the company’s ability to grow and improve other offerings.
-
Clorox CISO departs months after cyberattack
The C-suite change comes in the aftermath of a cyberattack that damaged IT infrastructure, led to widespread disruption and negatively impacted earnings.
-
New York proposes ‘nation-leading’ hospital cybersecurity regulations
The rules, which would require facilities to develop response plans and hire a chief information security officer, aim to safeguard hospitals from growing threats and keep them operating during an attack.
-
Palo Alto Networks’ largest customers get no-cost incident response
Available through January, the response program comes at a time of heightened demand for rapid forensic services, particularly in light of the coming SEC incident response enforcement.
-
5 Juniper CVEs actively exploited in the wild
The vendor warned the Junos OS vulnerabilities can be chained to remotely execute code.
-
File-transfer services, rich with sensitive data, are under attack
This year has seen a trio of supply-chain attacks that created turmoil for thousands of corporate victims and their customers.
-
Rackspace records $5M in expenses related to 2022 ransomware attack
The cloud services company expects insurance to cover its incident costs, however multiple lawsuits are still pending.
-
Dragos again targeted by ransomware group, this time from AlphV
The industrial cybersecurity specialist previously thwarted a shakedown attempt in May and says the current threat has not been substantiated.
-
Weeks after Boeing attack, ransomware group leaks allegedly stolen files
The company’s data was leaked two weeks after the prolific Russia-affiliated group, LockBit, claimed responsibility for the attack.
-
Henry Schein says customer data breached in cyber incident
The company lowered its 2023 sales and earnings forecasts in response to the incident, which took some of its distribution systems offline.
-
As Congress weighs budget priorities, top cyber execs urge CISA funding support
The group, led by Tenable CEO Amit Yoran, raised concerns that significant cuts to the agency would undermine efforts to combat rising threats to critical infrastructure and federal systems.
-
For Maine, the MOVEit attack is personal
With 1.3 million individuals compromised, the level of exposure on an individual basis is one that's representative of a compromise of its entire population.
-
Chinese banking giant’s US arm hit by ransomware attack
The hack reportedly disrupted the trading of U.S. Treasuries. The Industrial and Commercial Bank of China Financial Services said it is investigating the attack and progressing recovery efforts.
-
Mr. Cooper customers’ data exposed by cyberattack
The mortgage servicing provider has yet to determine how many of its 4.3 million customers had data compromised or the extent of potential damage.
-
MGM Resorts anticipates no further disruptions from September cyberattack
The company expects insurance to cover more than $100 million in losses stemming from lost bookings and disruptions at its Las Vegas properties.
-
Ransomware targeting casinos is on the rise, FBI warns
Threat actors have used phishing attacks and exploited vulnerabilities in third-party vendor remote access tools to target the casino gaming industry.
-
CitrixBleed sparks race to patch, hunt for malicious activity
CISA urged organizations to patch, mitigate and report any positive findings as Citrix NetScaler ADC and NetScaler Gateway users remain exposed to session hijack.
-
Cyberattack hits Singapore’s Marina Bay Sands hotel and casino
The Las Vegas Sands Corp.-owned property said the intrusion exposed the personal data of about 665,000 people.