The Latest

  • A round industrial building behind a pool of water with a walkway over top
    Image attribution tooltip
    (2008). Retrieved from Environmental Protection Agency.
    Image attribution tooltip

    Water utility cyberattacks underscore ongoing threat to OT

    U.S. officials urged water utilities and industrial sites to employ basic configuration safeguards like securing internet-facing devices and changing default passwords following a series of attacks.

  • two technologists looking at a laptop inside a server room
    Image attribution tooltip
    Jacob Wackerhausen via Getty Images
    Image attribution tooltip

    Businesses can turn to MSPs to navigate SEC cyber disclosure requirements

    With a line of sight on security operations, managed service providers hold keys to materiality determinations and annual 10-K reports.

  • Threat actor views data file
    Image attribution tooltip
    iStock / Getty Images Plus via Getty Images
    Image attribution tooltip

    Payments processor Tipalti investigating ransomware attack

    The AlphV ransomware group claimed responsibility for the attack on Saturday and threatened to extort Tipalti customers with allegedly stolen data.

  • A wastewater treatment plant powered by wind turbines and solar panels near Atlantic City in New Jersey, USA. Aerial elevated view at the sunset.
    Image attribution tooltip
    Alex Potemkin via Getty Images
    Image attribution tooltip

    Authorities raise alarm on threats against water, other critical sectors

    An ongoing cyber campaign against Unitronics PLC devices has impacted multiple U.S. water facilities, but authorities are also monitoring energy, healthcare, and food and beverage manufacturing.

  • An illustration of the front of a bank connected to different icons representing digital services.
    Image attribution tooltip
    Chor muang via Getty Images
    Image attribution tooltip

    Dozens of credit unions confront outages linked to third-party ransomware attack

    CitrixBleed ensnared another industry, leading to a network incident at Ongoing Operations, which provides business continuity services.

  • A picture of a glass office building with a brick entrance.
    Image attribution tooltip
    JHVEPhoto via Getty Images
    Image attribution tooltip

    Fidelity National Financial restoring operations after containing cyberattack

    The company, one of the largest title insurance firms in the U.S., is still assessing whether the attack will have a material impact on its business.

  • Staples store in Studio City, Ca.
    Image attribution tooltip
    GDMatt66 via Getty Images
    Image attribution tooltip

    Staples hit by cyberattack during critical Cyber Week sales push

    The office supply retailer expects to fully catch up on back orders after online processing and deliveries were briefly disrupted.

  • A digital lock on a computer memory board with red and blue lights intersecting
    Image attribution tooltip
    Just_Super via Getty Images
    Image attribution tooltip

    Yet again, threat actors exploit a critical file-transfer service CVE

    File-transfer services are prime targets and vulnerabilities in the open source ownCloud mark the latest in a series of critical services under attack.

    Updated Dec. 1, 2023
  • Okta office
    Image attribution tooltip
    Courtesy of Okta
    Image attribution tooltip

    Okta again promises it is taking security seriously

    CEO Todd McKinnon used the company's earnings call to once again pledge improvements and address a culture of lax security.

  • wastewater plant
    Image attribution tooltip
    Permission granted by Eagle Contracting
    Image attribution tooltip

    North Texas water utility the latest suspected industrial ransomware target

    Federal authorities are investigating multiple attacks against water and wastewater treatment facilities in the U.S. following an Iran-linked attack in Pennsylvania.

  • Hotel Exterior
    Image attribution tooltip
    Ethan Miller via Getty Images
    Image attribution tooltip

    MGM CFO expects insurance to cover cyberattack costs

    The Las Vegas-based casino and resort operator has pegged the costs of the September cyberattack that temporarily impeded operations at about $100 million. 

  • Okta booth at RSA Conference on April 27, 2023 in San Francisco.
    Image attribution tooltip
    Matt Kapko/Cybersecurity Dive
    Image attribution tooltip

    All Okta support system customers caught in previously disclosed breach

    The single sign-on provider significantly widened the scope of the attack two months after customers first reported suspicious activity on their Okta environments.

  • A close up of the Department of Treasury seal on the front of the headquarters with "the Department of Treasury" and "1789" on an outer circle and a shield with the scales of justice up top and a key.
    Image attribution tooltip
    Chip Somodevilla via Getty Images
    Image attribution tooltip

    For financial services firms, a pattern of malicious cyber activity is emerging

    The suspected ransomware attack against Fidelity National Financial marks the latest in a series of incidents, leading regulators to take additional enforcement actions.

  • stock image
    Image attribution tooltip
    Retrieved from Pixabay.
    Image attribution tooltip

    CISA warns of threat groups exploiting Unitronics PLCs in water treatment hacks

    The Unitronics warning follows an Iran-linked hack of a Pennsylvania water treatment facility.

    Updated Nov. 29, 2023
  • Data Breach Button on Computer Keyboard
    Image attribution tooltip
    GOCMEN via Getty Images
    Image attribution tooltip

    NY reaches $1M breach settlement with First American Title Insurance

    The company exposed millions of documents of non-public customer data, through a vulnerability in a proprietary application.

  • An open atrium filled with plants with stars crossing open floors.
    Image attribution tooltip
    Naomi Eide/Cybersecurity Dive
    Image attribution tooltip

    Amazon CSO likens security to psychological chess matches

    Security professionals should focus on ambiguous, dynamic problems that can’t be solved by software, Stephen Schmidt says.

  • Fidelity National Title Group Portland Office exterior. FNTG is a member of the Fidelity National Financial (NYSE: FNF) family of companies.
    Image attribution tooltip
    hapabapa via Getty Images
    Image attribution tooltip

    Fidelity National Financial investigating cyberattack that led to service disruption

    AlphV/BlackCat claimed responsibility for the attack on the title insurance giant, which is trying to determine whether the attack will have a material impact.

  • CISA Director Jen Easterly
    Image attribution tooltip

    Center for Strategic and International Studies

    Image attribution tooltip

    Authorities pushing for secure AI development practices

    CISA and the U.K.’s cyber agency released the guidelines as part of a global effort to ensure AI is developed using security as a core component. 

  • Finance chiefs need to tick off these key action items to get ahead of year-end.
    Image attribution tooltip
    Getty Images via Getty Images
    Image attribution tooltip

    SEC’s cyber disclosure rules: Key considerations for the board, C-suite and risk managers

    Each business stakeholder has a different cyber risk management responsibility. Given the SEC’s coming disclosure rules, it’s even more important to outline who owns what. 

  • Exterior of Citrix office complex.
    Image attribution tooltip
    Justin Sullivan/Getty Images via Getty Images
    Image attribution tooltip

    CitrixBleed worries mount as nation state, criminal groups launch exploits

    LockBit 3.0 affiliates targeted a unit of Boeing and federal authorities have alerted almost 300 organizations they are vulnerable to attack.

  • Black Friday weekend 25% off discount banner in a boutique.
    Image attribution tooltip
    Shaun Taylor via Getty Images
    Image attribution tooltip

    Retailers brace for cyberthreat feast ahead of Thanksgiving shopping weekend

    A rise in social engineering and generative AI pose increased risks as phishing attacks and ransomware gain speed and grow more sophisticated.

  • Attendees arrive during AWS re:Invent 2021, a conference hosted by Amazon Web Services, at The Venetian Las Vegas on November 30, 2021 in Las Vegas, Nevada.
    Image attribution tooltip
    Noah Berger / Stringer via Getty Images
    Image attribution tooltip

    Cloud security myths can leave SMBs exposed

    AWS identified three cyber misconceptions that hinder small- and medium-sized businesses as they migrate workloads.

  • Programming scripts on laptop monitor, unauthorized remote hacking of server
    Image attribution tooltip
    Motortion via Getty Images
    Image attribution tooltip

    SMBs hit by rise in legitimate tool-based attacks

    Attackers are moving away from malware and evading detection by abusing remote monitoring and management software, according to Huntress research.

  • A series of hexagonal blocks with locks on them, one of which is broken, with a red background.
    Image attribution tooltip
    Andrii Yalanskyi via Getty Images
    Image attribution tooltip

    Companies are getting smarter about cyber incidents

    Although incidents are up and risks are expanding, businesses are better prepared to send threat actors away empty-handed, a specialist says.

  • CISA, cybersecurity, agency
    Image attribution tooltip
    Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
    Image attribution tooltip

    CISA explains how to apply secure-by-design principles

    The focus should be on what manufacturers are doing to keep their customers safe, not the damage attackers might be inflicting, CISA’s Bob Lord said.