The Latest
-
Krispy Kreme online ordering disrupted by cyberattack
Following an attack on a portion of its IT systems, the chain said it was working to restore online ordering. In-store operations were not impacted.
-
SEC cyber incident reporting rule generates 71 filings in 11 months
Most companies that disclosed cyber incidents to the agency did not describe materiality or other useful information, a BreachRx report found.
-
Snowflake to phase out single-factor authentication by late 2025
The security policy change starts one year after a wave of attacks targeted more than 100 Snowflake customer environments without MFA.
-
US subsidiary of global water treatment firm probes November cyberattack after data encrypted
Kurita America, a subsidiary of a Tokyo-based company, is the latest in a string of companies tied to the water industry targeted by hackers.
-
Credit risk rising as attackers strike larger companies: Moody’s
Cybercriminals are deploying generative AI tools in their efforts at ransomware and fraud, Moody’s Ratings said.
-
Trump’s pick to run FCC deeply concerned about Salt Typhoon
The recently uncovered swarm of attacks on U.S. telecom companies, part of a China-sponsored campaign, made FCC Commissioner Brendan Carr want to smash his phone, he said.
-
Blue Yonder investigating data leak claim following ransomware attack
The software supply chain company is widening its investigation after Termite ransomware leaked data it claims is linked to the attack.
-
FCC proposes stronger telecom cyber rules as Salt Typhoon fallout continues
The agency’s proposed rule changes come two months after a China-government sponsored espionage campaign first came to light.
-
Morrisons recovers warehouse systems following attack on Blue Yonder
The U.K. supermarket chain was one of several high-profile customers impacted by a ransomware attack against the supply chain management software provider.
-
For IT pros, the CrowdStrike crisis was a ‘call to arms’
The global outage triggered investments in people, processes and technologies to beef up enterprise resilience, Adaptavist research found.
-
Q&A
T-Mobile undeterred as telecom sector reels from attack campaign
Cybersecurity Dive spoke with CSO Jeff Simon about how the carrier says it thwarted a threat group resembling Salt Typhoon despite its past security failures.
-
At least 8 US companies hit in telecom attack spree, officials say
A deputy national security advisor warned that the China-affiliated Salt Typhoon attack spree potentially infiltrated more telecom companies and the threat group still has network access.
-
Feds raise alarm on China-linked infiltration of telecom networks
Salt Typhoon gained access to many telecom networks and stole large amounts of data, including audio and text of targeted people involved in government or politics.
-
Opinion
Protecting the cloud: combating credential abuse and misconfigurations
To defend against two of today’s biggest cloud security threats, organizations must adapt and develop proactive strategies, Google Cloud’s Brian Roddy writes.
-
CISA, German cyber authorities warn Zyxel firewalls facing active exploitation
Attackers have targeted dozens of companies with Helldown ransomware, researchers found.
-
Ascension reduces operating loss as it rebounds from cyberattack
A sweeping cyberattack this spring took the provider’s electronic health record offline for weeks and led to significant losses.
-
UK cyber chief warns country is at an inflection point as digital threats rise
In his first major speech, NCSC CEO Richard Horne said state linked and criminal threat groups are working to undermine the nation’s reliance on technology.
-
ENGlobal IT systems impacted by ransomware attack
The attack marks at least the third disruptive cyberattack impacting energy sector providers based in Texas since August.
-
Blue Yonder moves closer to full recovery after November ransomware attack
U.K. supermarket chain Morrisons says its operations are mostly restored, while Blue Yonder is working with other customers to recover operations.
-
Note from the Editor-in-Chief
A change in ownership and what it means for our readers.
-
When password rules change, who benefits?
As the National Institute of Standards and Technology rolls out updated password guidance, some experts want to make passwords a thing of the past.
-
CrowdStrike avoids customer exodus after triggering global IT outage
The cybersecurity vendor reported $33.9 million in expenses related to the July 19 incident, which caused the company to swing to a loss.
-
FBI, CISA warn of heightened risk of BEC attacks during holiday season
Authorities encouraged prompt reporting, which can help recover stolen payments.
-
SEC reports drop in enforcement actions for 2024 FY
The securities regulator also reported a record $8.2 billion in monetary remedies for its last fiscal year, driven by Terraform Labs crypto fraud settlement.
-
As holiday season begins, US braces for looming risk of cyberattacks
Security teams are on the alert for nation-state threats and ransomware as millions of workers break for the Thanksgiving holiday weekend.