Page 2


  • Exterior of MGM Grand Hotel & Casino in Las Vegas
    Image attribution tooltip
    Ethan Miller via Getty Images
    Image attribution tooltip

    MGM Resorts takes systems offline as it investigates cyberattack

    The company restored full operations to dining, gaming and entertainment venues Monday night, following earlier reports payment systems, digital room keys and reservations systems were down at multiple properties. 

    Updated Sept. 12, 2023
  • A digital lock on a computer memory board with red and blue lights intersecting
    Image attribution tooltip
    Just_Super via Getty Images
    Image attribution tooltip

    High-profile CVEs turn up in vulnerability exploit sales

    Flashpoint observed 27 vulnerability exploits listed for sale or purchased on the dark web during the first half of the year. One-third were linked to Microsoft products.

  • A Black person leans against the frame of a door in their office; their head hangs
    Image attribution tooltip
    FG Trade via Getty Images
    Image attribution tooltip

    IronNet considers bankruptcy after it furloughs most workers

    The furloughs will effectively end most of the cybersecurity firm’s operations unless it can find additional sources of liquidity.

  • Anne Neuberger deputy national security advisor for cyber and emerging technologies, speaks at the Billington Cybersecurity Summit with Brad Medairy, EVP, Booz Allen.
    Image attribution tooltip
    Courtesy of Billington CyberSecurity Summit
    Image attribution tooltip

    White House mulls rating system to boost cybersecurity for critical infrastructure

    Anne Neuberger, deputy national security advisor for cyber, told the Billington Cybersecurity Summit that a new ransomware summit is set and updated a consumer labeling push for IoT.  

  • A Cisco logo with blue lights strands in the background.
    Image attribution tooltip
    David Ramos via Getty Images
    Image attribution tooltip

    Cisco BroadWorks vulnerability snags highest CVSS score

    There are no workarounds for the vulnerability, which could expose confidential data if exploited by a threat actor with forged administrative access.

  • Jen Easterly speaks during a fireside chat at the Billington Cybersecurity Summit.
    Image attribution tooltip
    Courtesy of Billington
    Image attribution tooltip

    CISA director: Critical infrastructure cyber incident reporting rules almost ready

    The Cybersecurity and Infrastructure Security Agency is in the final stages of work on the reporting requirements included in a March 2022 law.

  • A jet comes in for landing at Los Angeles International Airport (LAX) in Los Angeles, California.
    Image attribution tooltip
    David McNew via Getty Images
    Image attribution tooltip

    Aviation sector organization hit by exploit of CVE duo

    Cybersecurity authorities investigated the attack by multiple threat actors who exploited known CVEs in Zoho and Fortinet products.

  • Closeup of a hotel bed and nightstand with a lamp
    Image attribution tooltip
    Hohenhaus via Getty Images
    Image attribution tooltip

    Generative AI, contactless tech make hotels vulnerable to cyberattacks

    Guest and worker turnover, as well as new technology adoption, make the hospitality industry an appealing target for cybercriminals, according to Trustwave SpiderLabs.

  • A signage of Microsoft in New York City
    Image attribution tooltip
    Jeenah Moon/Getty Images via Getty Images
    Image attribution tooltip

    BEC phishing kit hits thousands of Microsoft 365 business accounts

    Threat actors used the W3LL phishing kit to target more than 56,000 accounts, ultimately compromising 14% of them since last October, Group-IB found.

  • CISA, cybersecurity, agency
    Image attribution tooltip
    Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
    Image attribution tooltip

    CISA creates voluntary ed tech pledge to boost K-12 cybersecurity

    Companies signing the agreement are urged to commit to encouraging the use of multifactor authentication and public vulnerability disclosure.

  • A Microsoft logo is seen during the 2015 Microsoft Build Conference on April 29, 2015 at Moscone Center in San Francisco, California.
    Image attribution tooltip
    Stephen Lam via Getty Images
    Image attribution tooltip

    Microsoft crash dump exposed key that led to US cabinet email hacks, investigation finds

    A China-based threat group used the key to access a Microsoft engineer’s corporate account and, later, compromised more than two dozen customer email accounts.

  • Acting National Cyber Director Kemba Walden speaks during the Billington Cybersecurity Summit on Sept. 5, 2023 in Washington, D.C.
    Image attribution tooltip
    Permission granted by ZeroFox
    Image attribution tooltip

    Cybersecurity investments boost profitability, resilience: White House

    Expenditures on resilience will help companies reduce downtime, Acting National Cyber Director Kemba Walden said at the Billington Cybersecurity Summit.

  • Okta booth at RSA Conference on April 27, 2023 in San Francisco.
    Image attribution tooltip
    Matt Kapko/Cybersecurity Dive
    Image attribution tooltip

    Okta customers’ IT staff duped by MFA reset swindle

    IT workers at four organizations using Okta were successfully hit by a consistent pattern of social engineering attacks.

  • Close up of Gary Gensler speaking during a senate hearing
    Image attribution tooltip
    Kevin Dietsch/Getty Images via Getty Images
    Image attribution tooltip

    SEC cyber disclosure rules put CISO liability under the spotlight

    Security executives find themselves in the eye of the needle as governance and incident response come into focus.

  • A group of executives meet
    Image attribution tooltip
    fizkes via Getty Images
    Image attribution tooltip

    Top 5 behaviors of successful CISOs: Gartner

    Successful CISOs are at least 1.5 times more likely to engage with emerging technologies and colleagues beyond traditional business functions, a survey shows.

  • Rendered image depicting global networks.
    Image attribution tooltip
    DKosig via Getty Images
    Image attribution tooltip

    Barracuda patch bypassed by novel malware from China-linked threat group

    Mandiant uncovered a months-long cyber espionage campaign targeting high value government entities and technology firms in the U.S. and abroad.

  • A frustrated young person in yellow sweater stands at table and touches their face with their hand while packing stuff up in office after dismissal
    Image attribution tooltip
    SeventyFour via Getty Images
    Image attribution tooltip

    Malwarebytes, within a week, acquires a company and reportedly cuts staff

    The layoffs underscore significant alterations afoot in the security sector, as the industry’s largest vendors claim share from smaller rivals.

  • The New York Stock Exchange building.
    Image attribution tooltip
    Spencer Platt via Getty Images
    Image attribution tooltip

    SEC cyber disclosure rules are taking effect: Here’s what to expect

    With enforcement on the horizon, much of the SEC's rules for material disclosures are subject to interpretation.

  • CrowdStrike booth at RSA Conference in San Francisco.
    Image attribution tooltip
    Matt Kapko/Cybersecurity Dive
    Image attribution tooltip

    CrowdStrike soars on security tool consolidation demand

    CEO George Kurtz said the company will consider potential acquisition targets as M&A discussions heat up across the industry.

  • An image of Federal Bureau of Investigation Director Christopher Wray at a press conference.
    Image attribution tooltip
    Kevin Dietsch/Getty Images via Getty Images
    Image attribution tooltip

    US leads takedown of Qakbot malware, which automated initial infections

    The botnet and malware had infected more than 700,000 computers worldwide and was linked to the abuse of OneNote files.

  • The Google logo adorns the outside of their NYC office Google Building 8510 at 85 10th Ave on June 3, 2019 in New York City.
    Image attribution tooltip
    Drew Angerer / Staff via Getty Images
    Image attribution tooltip

    Mandiant blends Google Cloud, AI to automate threat hunting

    Google Cloud is bringing Mandiant’s threat hunting intelligence to customers’ Chronicle environments and infusing Duet AI across its security portfolio.

  • Aerial view of a large crowd of people.
    Image attribution tooltip
    Dmytro Varavin/Getty Images via Getty Images
    Image attribution tooltip

    MOVEit attack victim count surpasses 1,000 organizations

    Months after the campaign was discovered, victims are still coming forward and, in most cases, breaches at third-party vendors are to blame.

  • The Four-Day Workweek, Job Openings, and Reducing the Cost of Cyber Risks: Trial Balance
    Image attribution tooltip
    Getty Images via Getty Images
    Image attribution tooltip

    Cyber insurance providers increase scrutiny on enterprise risk, report finds

    Policyholders face higher costs and additional exclusions, even as the market stabilizes, a study on behalf of Delinia found.

  • People sitting around a board room table
    Image attribution tooltip
    Caiaimage/Paul Bradbury via Getty Images
    Image attribution tooltip

    Corporate boards expand cybersecurity risk oversight, report finds

    A study from EY shows Fortune 100 CISOs more closely engaged with the board of directors and C-suite.

  • A stack of medical records displayed on a desk.
    Image attribution tooltip
    Alexandre Schneider/Getty Images via Getty Images
    Image attribution tooltip

    Prospect Medical stolen data listed for sale by emerging ransomware group

    Rhysida claims it stole more than 500,000 Social Security numbers, financial, legal and medical files. And it’s all for sale on the dark web.