Page 2


  • Image attribution tooltip
    Courtesy of Colonial Pipeline Company

    TSA revises cybersecurity requirements for oil and gas pipelines

    The agency released performance-based requirements after extensive industry debate following the May 2021 Colonial Pipeline ransomware attack.

  • A password field reflected on a eye.
    Image attribution tooltip
    Leon Neal via Getty Images

    Atlassian urges rapid response after Confluence hardcoded password leaked

    The company's customers are confronting the second critical vulnerability on Confluence in as many months.

  • Server row light up with blue lights
    Image attribution tooltip
    Morris MacMatzen via Getty Images

    Network vulnerabilities declined in 2021, but attacks hit all-time high

    Five of the 10 most-exploited vulnerabilities last year were identified before 2020, and No. 3 dates back to 2017.

  • A group of co-workers surround a computer screen
    Image attribution tooltip
    Yuri Arcurs via Getty Images

    Where 5 programs are investing to close cyber skills gap

    In line with a White House push to close the cyber skills gap, technology firms, nonprofits and other organizations have launched a range of programs to develop a new generation of workers.

  • Individual types on a backlit keyboard.
    Image attribution tooltip
    Sean Gallup via Getty Images

    LockBit ransomware hitting network servers

    The latest tactic used to deploy the prolific malware allows threat actors to end processes, stop services and duplicate more quickly.

  • The California state flag waves in the wind.
    Image attribution tooltip
    Stock Photo via Getty Images

    California privacy rules target dark patterns through technology design

    California Privacy Rights Act provisions that will go into effect in January will provide more control to consumers over how companies use their data. 

  • A man faces multiple computer screens.
    Image attribution tooltip
    South_agency via Getty Images

    New ransomware discovered using Rust, atypical encryption

    Luna’s use of platform-agnostic code allows threat actors to initiate attacks on different operating systems concurrently.

  • A person standing at a podium speaking before a group of people in a room with an ornate floor.
    Image attribution tooltip
    Retrieved from Jen Easterly/CISA.

    White House takes on cyber workforce gap through 120-day apprenticeship sprint

    A cyber workforce and education summit at the White House Tuesday was designed to address the long-standing shortage of qualified and diverse candidates for security operations teams. 

  • close up programmer man hand typing on keyboard laptop for register data system or access password at dark operation room , cyber security concept - stock photo
    Image attribution tooltip
    Chainarong Prasertthai via Getty Images

    State-backed threat actors use Google Drive, Dropbox to launch attacks

    The Russia-linked threat actor behind the SolarWinds attack used cloud storage services to deploy malicious payloads using Cobalt Strike. 

  • Huawei logo depicted on side of building at company's campus in Dongguan, China.
    Image attribution tooltip
    Kevin Frayer via Getty Images

    US effort to rip and replace hardware made in China is ballooning in cost

    A yearslong push to remove telecom equipment deemed a national security threat continues to vex regulators.

  • Cyberattack and internet crime, hacking and malware concepts.
    Image attribution tooltip
    Techa Tungateja via Getty Images

    Data breach at debt collector affects almost 2M healthcare patients

    It’s the second-largest health data breach this year after the Shields Health Care Group cyberattack in March, the Department of Health and Human Services breach reporting portal shows.

  • Image attribution tooltip
    Drew Angerer via Getty Images

    Google deal to buy Mandiant clears key antitrust hurdle

    The Department of Justice cleared the deal last week, but the $5.4 billion agreement remains subject to approval by foreign regulators.

  • Server room (Sefa Ozel/Getty)
    Image attribution tooltip
    Sefa Ozel/Getty via Getty Images

    CISA releases indicators of compromise for hard-hit VMware Horizon

    Federal authorities warn a more complex form of malware is providing advanced persistent threat actors with vast command and control capabilities.

  • Florida International University campus
    Image attribution tooltip
    Permission granted by Florida International University

    Ransomware attacks surge in education sector

    Colleges and universities are particularly challenged as repercussions of ransomware hit them harder and longer than other organizations.

  • CISA, cybersecurity, agency
    Image attribution tooltip
    Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images

    CISA eyes cross-pond cyber cooperation with London office

    Federal agencies have worked closely with allies to combat malicious cyber activity and illicit use of cryptocurrency.

  • Computer language script and coding on screen.
    Image attribution tooltip
    themotioncloud via Getty Images

    Fake GitHub commits can trick developers into using malicious code

    Threat actors can easily alter the identity and timestamp associated with software updates, putting developers at serious risk, Checkmarx research shows.

  • Secretary of State Antony Blinken speaks alongside President Joe Biden.
    Image attribution tooltip
    Mark Makela/Getty Images via Getty Images

    The US is losing the cyberspace race

    Decades-old policies have failed to stem a growing threat, the Council of Foreign Relations said. What if the U.S. embraced a more limited and realistic strategy?

  • Digital technology vector background depicting a cyberattack.
    Image attribution tooltip
    WhataWin via Getty Images

    Cyber insurers split on what's most important in a security posture assessment

    To keep up with demand, cyber insurers acknowledge the need to rethink the underwriting process, research from Panaseer shows.

  • The U.S. Capitol Building at night with lightning in the background.
    Image attribution tooltip
    Naomi Eide/Cybersecurity Dive

    Log4j is far from over, cyber review board says

    Exploitation of Log4j occurred at lower levels than experts predicted, yet it remains an "endemic vulnerability," the Cyber Safety Review Board said.

  • Team of professionals meeting in office around computers
    Image attribution tooltip
    gorodenkoff via Getty Images

    Companies cannot see — or protect — nearly half of all device endpoints

    Managing corporate devices was hard pre-pandemic. But as digital sprawl bloomed, visibility fell further behind. 

  • A large hallway with supercomputers inside a server room data center.
    Image attribution tooltip
    luza studios via Getty Images

    Threat actors favor brute force attacks to hit cloud services

    Google Cloud warned that organizations face their greatest threat due to weak passwords and vulnerable software.

  • A rendering of an empty hospital corridor with a reception desk.
    Image attribution tooltip
    Ninoon via Getty Images

    Hospital ransomware concerns rise after payment vendor breach, North Korea threats

    A recently disclosed ransomware attack could have exposed patient data from more than 650 healthcare providers.

  • Two people look at five computer screens showing code and digital maps in an office. A third person talks on the phone while looking at a paper.
    Image attribution tooltip
    shironosov via Getty Images

    Mid-sized companies grapple with response to cyber crises

    Limited resources, staffing and executive awareness can hamper attack response capabilities.

  • Man working at a computer in a dark office with two other people working behind him out of focus.
    Image attribution tooltip
    FG Trade via Getty Images

    As cyber talent demand heats up, hiring managers should shift expectations

    Companies trying to fill cybersecurity roles need to stop looking for unicorns and expand their search to qualified, but often overlooked, job candidates.  

  • A picture of the Microsoft campus in Redmond, Washington.
    Image attribution tooltip
    Stephen Brashear/Stringer via Getty Images

    Microsoft rollback on macro blocking in Office sows confusion

    The company said it remains "fully committed" to disabling macros by default, and the temporary measure will make the product more user friendly.