The Latest
-
(2008). Retrieved from Environmental Protection Agency.
Water utility cyberattacks underscore ongoing threat to OT
U.S. officials urged water utilities and industrial sites to employ basic configuration safeguards like securing internet-facing devices and changing default passwords following a series of attacks.
-
Businesses can turn to MSPs to navigate SEC cyber disclosure requirements
With a line of sight on security operations, managed service providers hold keys to materiality determinations and annual 10-K reports.
-
Payments processor Tipalti investigating ransomware attack
The AlphV ransomware group claimed responsibility for the attack on Saturday and threatened to extort Tipalti customers with allegedly stolen data.
-
Authorities raise alarm on threats against water, other critical sectors
An ongoing cyber campaign against Unitronics PLC devices has impacted multiple U.S. water facilities, but authorities are also monitoring energy, healthcare, and food and beverage manufacturing.
-
Dozens of credit unions confront outages linked to third-party ransomware attack
CitrixBleed ensnared another industry, leading to a network incident at Ongoing Operations, which provides business continuity services.
-
Fidelity National Financial restoring operations after containing cyberattack
The company, one of the largest title insurance firms in the U.S., is still assessing whether the attack will have a material impact on its business.
-
Staples hit by cyberattack during critical Cyber Week sales push
The office supply retailer expects to fully catch up on back orders after online processing and deliveries were briefly disrupted.
-
Yet again, threat actors exploit a critical file-transfer service CVE
File-transfer services are prime targets and vulnerabilities in the open source ownCloud mark the latest in a series of critical services under attack.
Updated Dec. 1, 2023 -
Okta again promises it is taking security seriously
CEO Todd McKinnon used the company's earnings call to once again pledge improvements and address a culture of lax security.
-
North Texas water utility the latest suspected industrial ransomware target
Federal authorities are investigating multiple attacks against water and wastewater treatment facilities in the U.S. following an Iran-linked attack in Pennsylvania.
-
MGM CFO expects insurance to cover cyberattack costs
The Las Vegas-based casino and resort operator has pegged the costs of the September cyberattack that temporarily impeded operations at about $100 million.
-
All Okta support system customers caught in previously disclosed breach
The single sign-on provider significantly widened the scope of the attack two months after customers first reported suspicious activity on their Okta environments.
-
For financial services firms, a pattern of malicious cyber activity is emerging
The suspected ransomware attack against Fidelity National Financial marks the latest in a series of incidents, leading regulators to take additional enforcement actions.
-
Retrieved from Pixabay.
CISA warns of threat groups exploiting Unitronics PLCs in water treatment hacks
The Unitronics warning follows an Iran-linked hack of a Pennsylvania water treatment facility.
Updated Nov. 29, 2023 -
NY reaches $1M breach settlement with First American Title Insurance
The company exposed millions of documents of non-public customer data, through a vulnerability in a proprietary application.
-
Amazon CSO likens security to psychological chess matches
Security professionals should focus on ambiguous, dynamic problems that can’t be solved by software, Stephen Schmidt says.
-
Fidelity National Financial investigating cyberattack that led to service disruption
AlphV/BlackCat claimed responsibility for the attack on the title insurance giant, which is trying to determine whether the attack will have a material impact.
-
Authorities pushing for secure AI development practices
CISA and the U.K.’s cyber agency released the guidelines as part of a global effort to ensure AI is developed using security as a core component.
-
SEC’s cyber disclosure rules: Key considerations for the board, C-suite and risk managers
Each business stakeholder has a different cyber risk management responsibility. Given the SEC’s coming disclosure rules, it’s even more important to outline who owns what.
-
CitrixBleed worries mount as nation state, criminal groups launch exploits
LockBit 3.0 affiliates targeted a unit of Boeing and federal authorities have alerted almost 300 organizations they are vulnerable to attack.
-
Retailers brace for cyberthreat feast ahead of Thanksgiving shopping weekend
A rise in social engineering and generative AI pose increased risks as phishing attacks and ransomware gain speed and grow more sophisticated.
-
Cloud security myths can leave SMBs exposed
AWS identified three cyber misconceptions that hinder small- and medium-sized businesses as they migrate workloads.
-
SMBs hit by rise in legitimate tool-based attacks
Attackers are moving away from malware and evading detection by abusing remote monitoring and management software, according to Huntress research.
-
Companies are getting smarter about cyber incidents
Although incidents are up and risks are expanding, businesses are better prepared to send threat actors away empty-handed, a specialist says.
-
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA explains how to apply secure-by-design principles
The focus should be on what manufacturers are doing to keep their customers safe, not the damage attackers might be inflicting, CISA’s Bob Lord said.