Skip to main content

David Jones

Reporter

David Jones is a reporter for Cybersecurity Dive. He has been a reporter and editor for more than 25 years, covering business travel, real estate and more recently fintech. When not working he travels overseas. The New York native is a diehard fan of the Mets and the Pittsburgh Steelers. He is a graduate of Northwestern University.

Email [email protected]

chevron

Submit a tip to our team

chevron

1125 articles by David Jones

Filter by month:

Microsoft disrupts global phishing campaign that led to widespread credential theft
Sept. 17, 2025
Bridgestone Americas restores facilities’ network connections following cyberattack
Sept. 17, 2025
Jaguar Land Rover extends production delay following cyberattack
Sept. 16, 2025
FBI warns about 2 campaigns targeting Salesforce instances
Sept. 15, 2025
CISA pledges robust support for funding, further development of CVE program
Sept. 12, 2025
Researchers warn VoidProxy phishing platform can bypass MFA
Sept. 12, 2025
UK cyber leader calls for shift in focus toward continuity of critical services
Sept. 11, 2025
Senior NSC official said US needs to embrace offensive cyber
Sept. 10, 2025
National cyber director says US must shift risk burden toward adversaries
Sept. 10, 2025
Mitsubishi Electric agrees to buy Nozomi Networks in deal valued at about $1B
Sept. 9, 2025
Bridgestone Americas continues probe as it looks to restore operations
Sept. 9, 2025
Salesloft platform integration restored after probe reveals monthslong GitHub account compromise
Sept. 8, 2025
Swiss Re warns of rate deterioration in cyber insurance
Sept. 5, 2025
Researchers warn of zero-day vulnerability in SiteCore products
Sept. 4, 2025
Cloudflare, Proofpoint say hackers gained access to Salesforce instances in attack spree
Sept. 3, 2025
Palo Alto Networks, Zscaler customers impacted by supply chain attacks
Sept. 2, 2025
Federal, state officials investigating ransomware attack targeting Nevada
Aug. 28, 2025
NetScaler warns hackers are exploiting zero-day vulnerability
Aug. 27, 2025
Hackers steal data from Salesforce instances in widespread campaign
Aug. 26, 2025
CISOs grow more concerned about risk of material cyberattack
Aug. 26, 2025
Credential harvesting campaign targets ScreenConnect cloud administrators
Aug. 25, 2025
China-nexus hacker Silk Typhoon targeting cloud environments
Aug. 22, 2025
US charges Oregon man in vast botnet-for-hire operation
Aug. 21, 2025
Pharmaceutical firm Inotiv investigating ransomware attack that disrupted operations
Aug. 20, 2025
Hackers target Workday in social engineering attack
Aug. 19, 2025
Palo Alto Networks shares surge after company releases strong annual forecast
Aug. 19, 2025
NIST seeks input on control overlays for securing AI systems
Aug. 18, 2025
Cybersecurity ranks among top three risks to manufacturing sector
Aug. 15, 2025
Trump administration cyber cuts eroding private sector’s trust, confidence
Aug. 14, 2025
CISA, Microsoft update guidance on Exchange Server vulnerability
Aug. 13, 2025
Xerox patches critical vulnerability in FreeFlow Core application
Aug. 13, 2025
Financial impact from severe OT events could top $300B
Aug. 12, 2025
DOJ, international partners take down BlackSuit group’s infrastructure
Aug. 11, 2025
Research shows AI agents are highly vulnerable to hijacking attacks
Aug. 11, 2025
Financially motivated cluster a key player in ToolShell exploitation
Aug. 8, 2025
SonicWall says recent attack wave involved previously disclosed flaw, not zero-day
Aug. 7, 2025
CISA, Microsoft warn about new Microsoft Exchange server vulnerability
Aug. 6, 2025
Top US energy companies frequently exposed to critical security flaws
Aug. 6, 2025
CISA’s relationship with industry needs work to reestablish trust, experts say
Aug. 6, 2025
SonicWall investigating possible zero-day related to firewall attacks
Aug. 5, 2025
Ransomware spike linked to potential zero-day flaw in SonicWall devices
Aug. 1, 2025
Palo Alto Networks investigating ransomware threat related to SharePoint exploitation
Aug. 1, 2025
DOJ reaches $9.8 million settlement with Illumina over cyber whistleblower claims
Aug. 1, 2025
Industry groups urge vigilance as Scattered Spider evolves tactics
July 31, 2025
Palo Alto Networks to buy CyberArk for $25 billion
July 30, 2025
What we know about the cybercrime group Scattered Spider
July 30, 2025
FBI, CISA warn about Scattered Spider’s evolving tactics
July 29, 2025
Research shows LLMs can conduct sophisticated attacks without humans
July 28, 2025
Allianz Life discloses massive data breach linked to supply-chain attack
July 28, 2025
Philadelphia Indemnity Insurance discloses June data breach
July 25, 2025
What we know about the Microsoft SharePoint attacks
July 24, 2025
Clorox files $380 million suit blaming Cognizant for 2023 cyberattack
July 23, 2025
SharePoint hacking campaign affects hundreds of systems worldwide
July 23, 2025
Microsoft sees China-backed nation-state hackers among adversaries targeting SharePoint
July 22, 2025
Microsoft, CISA warn of cyberattacks targeting on-premises SharePoint servers
July 21, 2025
Researchers warn of cyberattacks targeting key Fortinet software
July 17, 2025
Scattered Spider expands its roster of tactics in recent hacks
July 16, 2025
Threat actor targets end-of-life SonicWall SMA 100 appliances in ongoing campaign
July 16, 2025
Catastrophic cyber event could cause widespread disruptions to global infrastructure, study suggests
July 15, 2025
DragonForce hackers claim responsibility for Belk data breach
July 15, 2025
Hackers exploiting flaw in widely used Wing FTP Server
July 14, 2025
Researchers, CISA confirm active exploitation of critical Citrix Netscaler flaw
July 11, 2025
Ingram Micro restores global operations following hack
July 10, 2025
UK authorities arrest 4 people in probe of retail cyberattack spree
July 10, 2025
M&S chairman calls for mandatory disclosure of material cyberattacks
July 9, 2025
Qantas says cyberattack affected 5.7 million customers
July 9, 2025
Suspected contractor for China’s Hafnium group arrested in Italy
July 8, 2025
Scattered Spider poses serious risk to several hundred major companies
July 8, 2025
Ingram Micro makes progress on restoring operations following attack
July 8, 2025
Ingram Micro investigating ransomware attack
July 7, 2025
Qantas says large amount of customer data stolen in cyberattack on call center
July 2, 2025
Scattered Spider appears to pivot toward aviation sector
June 27, 2025
Hackers exploiting critical Citrix Netscaler flaw, researchers say
June 27, 2025
Microsoft to make Windows more resilient following 2024 IT outage
June 26, 2025
Critical vulnerability in Citrix Netscaler raises specter of exploitation wave
June 25, 2025
Federal officials, critical infrastructure leaders remain on guard for Iran-linked hacks
June 24, 2025
Steelmaker Nucor restores operations, confirms limited data breach
June 23, 2025
DHS warns of heightened cyber threat as US enters Iran conflict
June 23, 2025
Aflac discloses cyber intrusion linked to wider crime spree targeting insurance industry
June 20, 2025
Researchers urge vigilance as Veeam releases patch to address critical flaw
June 18, 2025
Critical Zyxel vulnerability under active exploitation after long period of quiet
June 17, 2025
Threat group linked to UK, US retail attacks now targeting insurance industry
June 16, 2025
US critical infrastructure could become casualty of Iran-Israel conflict
June 16, 2025
Software vulnerabilities pile up at government agencies, research finds
June 12, 2025
Critical flaw in Microsoft Copilot could have allowed zero-click attack
June 11, 2025
Marks & Spencer restores some online-order operations following cyberattack
June 10, 2025
Scattered Spider targeting MSPs, IT vendors in social engineering campaigns
June 9, 2025
Corporate executives face mounting digital threats as AI drives impersonation
June 6, 2025
Water utilities mitigate equipment flaws after researchers find widespread exposures
June 5, 2025
FBI, CISA warn Play ransomware targeting critical infrastructure with evolving techniques
June 5, 2025
Hackers abuse malicious version of Salesforce tool for data theft, extortion
June 4, 2025
Victoria’s Secret postponing release of report earnings amid breach impact
June 3, 2025
Microsoft, CrowdStrike, other cyber firms collaborate on threat actor taxonomy
June 2, 2025
SentinelOne analysis links service disruption to software flaw
June 2, 2025
ConnectWise warns of threat activity linked to suspected nation-state hackers
May 30, 2025
Outage disrupts some SentinelOne services
May 29, 2025
Thousands of ASUS routers compromised in sophisticated hacking campaign
May 29, 2025
Zscaler enters agreement to buy Red Canary
May 28, 2025
Masimo says cyberattack will not prevent it from fulfilling orders
May 27, 2025
US authorities charge 16 in operation to disrupt DanaBot malware
May 27, 2025
Palo Alto Networks beats earnings estimates amid consolidation, AI concerns
May 22, 2025
Microsoft leads international takedown of Lumma Stealer
May 21, 2025
M&S warns April cyberattack will cut $400 million from profits
May 21, 2025
Researchers warn of China-backed espionage campaign targeting laid-off US workers
May 20, 2025
Ivanti Endpoint Mobile Manager customers exploited via chained vulnerabilities
May 19, 2025
FBI warns senior US officials are being impersonated using texts, AI-based voice cloning
May 16, 2025
Researchers warn threat actors in UK retail attacks are targeting US sector
May 15, 2025
Steelmaker Nucor discloses cyberattack on IT network
May 14, 2025
UK retailer Co-op restoring systems following major cyberattack
May 14, 2025
M&S says hackers gained access to customer data in April cyberattack
May 13, 2025
Lee Enterprises spent $2M for ransomware recovery
May 12, 2025
SAP NetWeaver exploitation enters second wave of threat activity
May 9, 2025
CISA, FBI warn of ‘unsophisticated’ hackers targeting industrial systems
May 8, 2025
CrowdStrike to cut 500 jobs in plan to scale business
May 7, 2025
Masimo says cyberattack has impacted its ability to fulfill orders
May 7, 2025
Airlines in North America prioritize investments in cyber, AI
May 6, 2025
UK authorities warn of retail-sector risks following cyberattack spree
May 5, 2025
Salt Typhoon telecom hacks one of the most consequential campaigns against US ever, expert says
May 1, 2025
DHS secretary vows to refocus CISA, saying it strayed from mission
April 30, 2025
Critical vulnerability in SAP NetWeaver Visual Composer leads to confirmed compromises
April 29, 2025
JPMorgan Chase CISO warns software industry on supply chain security
April 28, 2025
Critical vulnerability in SAP NetWeaver under threat of active exploitation
April 25, 2025
Threat groups exploit resurgent vulnerabilities
April 24, 2025
Financial gain still drives majority of cyber threat activity
April 23, 2025
Conduent warns January breach impacted a ‘significant’ number of people
April 22, 2025
Researchers warn of critical flaw found in Erlang OTP SSH
April 21, 2025
Microsoft strengthens in-house cyber governance, training
April 21, 2025
Lemonade says applicant driver’s license numbers exposed
April 18, 2025
Ahold Delhaize confirms data stolen after threat group claims credit for November attack
April 17, 2025
CISA warns companies to secure credentials amid Oracle Cloud breach claims
April 17, 2025
Mitre CVE program regains funding as renewal deal reached
April 16, 2025
CISA launches new wave of job cuts
April 16, 2025
Hertz says personal data breached in connection with Cleo file-transfer flaws
April 15, 2025
Aviation sector faces heightened cyber risks due to vulnerable software, aging tech
April 14, 2025
Remote access tools most frequently targeted as ransomware entry points
April 11, 2025
Plankey nomination at CISA placed on hold after Wyden pushes for telecom report
April 10, 2025
Windows CLFS zero-day exploited in ransomware attacks
April 9, 2025
WK Kellogg confirms employee data breach tied to Cleo file-transfer flaw
April 8, 2025
Trump administration under scrutiny as it puts major round of CISA cuts on the table
April 7, 2025
CISA, FBI warn of fast flux technique used to hide malicious servers
April 4, 2025
House members press Commerce Secretary Lutnick on DOGE-related job cuts at NIST
April 3, 2025
Check Point Software confirms security incident but pushes back on threat actor claims
April 2, 2025
Sam’s Club investigating attack claim linked to Clop ransomware
April 1, 2025
Hacker linked to Oracle Cloud intrusion threatens to sell stolen data
March 31, 2025
Cybersecurity firms brace for impact of potential Oracle Cloud breach
March 28, 2025
Threat actor in Oracle Cloud breach may have gained access to production environments
March 27, 2025
DrayTek routers face active exploitation of older vulnerabilities
March 26, 2025
Researchers back claim of Oracle Cloud breach despite company’s denials
March 25, 2025
FCC investigating China-linked companies over evasion of US national security measures
March 24, 2025
Coinbase originally targeted during GitHub Action supply chain attack
March 21, 2025
GitHub Action compromise linked to previously undisclosed attack
March 20, 2025
Google acquisition of Wiz driven by enterprise embrace of multicloud
March 19, 2025
CISA urges fired probationary workers to respond after federal judge grants order
March 18, 2025
Supply chain attack against GitHub Action triggers massive exposure of secrets
March 17, 2025
SuperBlack ransomware used to exploit Fortinet vulnerabilities
March 14, 2025
FCC launches national security unit to counter state-linked threats to US telecoms
March 13, 2025
Juniper MX routers targeted by China-nexus threat group using custom backdoors
March 12, 2025
Trump nominates Plankey to lead CISA
March 11, 2025
Majority of ransomware claims involved compromise of perimeter security devices
March 11, 2025
Former NSA cyber director warns drastic job cuts threaten national security
March 10, 2025
Eleven11bot estimates revised downward as researchers point to Mirai variant
March 7, 2025
CrowdStrike shares fall as company forecasts lower-than-expected results
March 5, 2025
More than 86K IoT devices compromised by fast-growing Eleven11 botnet
March 4, 2025
Lee Enterprises investigating ransomware claim, data leak threat
March 3, 2025
Massive Iran-linked botnet launches DDoS attacks against telecom, gaming platforms
March 3, 2025
Critical infrastructure at state, local levels at heightened risk of cyberattacks
Feb. 28, 2025
CISA taps Karen Evans as executive assistant director for cybersecurity
Feb. 27, 2025
State-linked threat groups collaborating with hacktivists, other actors to target infrastructure
Feb. 26, 2025
More than 400 SonicWall firewall instances remain vulnerable to attack
Feb. 25, 2025
Palo Alto Networks warns hackers attempting to exploit a file read flaw in firewalls
Feb. 24, 2025
CrowdStrike CSO Shawn Henry to retire by end of March
Feb. 21, 2025
SEC revamps cyber and crypto enforcement unit under Trump administration
Feb. 21, 2025
US authorities warn Ghost ransomware leverages older CVEs
Feb. 20, 2025
SonicWall authentication flaw under threat of active exploitation
Feb. 19, 2025
Lee Enterprises says cyberattack will likely have material impact
Feb. 18, 2025
Palo Alto Networks warns firewall vulnerability is under active exploitation
Feb. 18, 2025
FBI, CISA warn hackers abusing buffer overflow CVEs to launch attacks
Feb. 13, 2025
Trump to nominate Sean Cairncross as national cyber director
Feb. 12, 2025
Lee Enterprises investigating cyberattack that disrupted operations across multiple news outlets
Feb. 11, 2025
CISA warns of hackers targeting vulnerability in Trimble Cityworks to conduct RCE
Feb. 10, 2025
Private equity firm to acquire SolarWinds for $4.4B
Feb. 7, 2025
Suspected botnet targets edge devices using brute force attacks
Feb. 7, 2025
Hackers deployed web shells, exploited public-facing applications in Q4
Feb. 6, 2025
Deloitte pays $5M in connection with breach of Rhode Island benefits site
Feb. 5, 2025
Exploitation of vulnerability in Zyxel CPE targets legacy routers
Feb. 4, 2025
Sophos completes $859M acquisition of Secureworks
Feb. 3, 2025
Security tool consolidation boosts efficiency, threat mitigation
Jan. 31, 2025
CISO stature gains traction as global cyber risk escalates
Jan. 30, 2025
Attackers exploit zero-day vulnerability in Zyxel CPE devices
Jan. 29, 2025
SonicWall SMA 1000 series appliances left exposed on the internet
Jan. 28, 2025
SonicWall warns hackers targeting critical vulnerability in SMA 1000 series appliances
Jan. 27, 2025
BeyondTrust says 17 customers impacted by December cyberattack spree
Jan. 24, 2025
Government payments contractor Conduent confirms cyberattack impacts multiple states
Jan. 23, 2025
DHS disbands existing advisory board memberships, raising questions about CSRB
Jan. 22, 2025
HPE probes hacker claim involving trove of sensitive company data
Jan. 21, 2025
Treasury Department issues sanctions linked to cyber intrusions, telecom attacks
Jan. 21, 2025
Blue Yonder investigating Clop ransomware threat linked to exploited Cleo CVEs
Jan. 17, 2025
Biden administration rolls out wide-reaching cybersecurity executive order
Jan. 16, 2025
Cyber disruptions remain top business risk concern in US, globally
Jan. 15, 2025
CISA adds second BeyondTrust CVE to known exploited vulnerabilities list
Jan. 14, 2025
Hack of Rhode Island social services platform impacted at least 709K, officials say
Jan. 10, 2025
CISA director reiterates prior calls for C-suites, boards to take cyber risk ownership
Jan. 10, 2025
4 cybersecurity trends to watch in 2025
Jan. 9, 2025
National cyber director calls for deterrence against China-affiliated cyber threats
Jan. 9, 2025
White House program to certify the security of IoT devices goes live
Jan. 8, 2025
CISA says hack targeting Treasury Department did not impact other federal agencies
Jan. 7, 2025
US Treasury office sanctions firm connected to state-sponsored Flax Typhoon threat group
Jan. 6, 2025
Censys researchers warn 8,600 BeyondTrust instances still exposed
Jan. 3, 2025
Hackers leaked data from Rhode Island ransomware attack, officials warn
Jan. 2, 2025
Treasury Department says state-linked hacker gained access to unclassified data in major attack
Dec. 31, 2024
Researchers warn of active exploitation of critical Apache Struts 2 flaw
Dec. 20, 2024
Mandiant traces Cleo file-transfer exploits back to October
Dec. 19, 2024
Rhode Island officials warn residents as ransomware group threatens social services data leak
Dec. 18, 2024
Pennsylvania representative pitches bill to double cyber assistance for local water systems
Dec. 17, 2024
Cleo releases CVE for actively exploited flaw in file-transfer software
Dec. 16, 2024
Security community raises concern as Cleo file-transfer CVE delayed
Dec. 13, 2024
Cleo releases new patch as threat groups ramp up exploitation of critical CVE
Dec. 12, 2024
Blue Yonder helps restore operations for majority of impacted customers
Dec. 12, 2024
Critical flaw in Cleo file-transfer software is under mass exploitation
Dec. 10, 2024
US subsidiary of global water treatment firm probes November cyberattack after data encrypted
Dec. 10, 2024
Blue Yonder investigating data leak claim following ransomware attack
Dec. 9, 2024
Morrisons recovers warehouse systems following attack on Blue Yonder
Dec. 6, 2024
CISA, German cyber authorities warn Zyxel firewalls facing active exploitation
Dec. 4, 2024
UK cyber chief warns country is at an inflection point as digital threats rise
Dec. 3, 2024
Blue Yonder moves closer to full recovery after November ransomware attack
Dec. 2, 2024
FBI, CISA warn of heightened risk of BEC attacks during holiday season
Nov. 27, 2024
Starbucks confirms Blue Yonder attack impacted employee scheduling platform
Nov. 26, 2024
As holiday season begins, US braces for looming risk of cyberattacks
Nov. 26, 2024
Ransomware hits supply chain software firm Blue Yonder ahead of Thanksgiving
Nov. 25, 2024
Corporate security teams want specialty cyber roles as regulatory pressure grows
Nov. 22, 2024
Microsoft unveils resiliency, security enhancements following July global IT outage
Nov. 21, 2024
Federal probe finds vulnerabilities across more than 300 US water systems
Nov. 19, 2024
Easterly to step down from CISA director role on Inauguration Day
Nov. 18, 2024
Microsoft revamps how it will disclose vulnerabilities
Nov. 15, 2024
National cyber director calls for streamlined security regulations
Nov. 14, 2024
Citrix Session Recording users warned of CVEs that allow hackers to gain control
Nov. 13, 2024
US hopes to leverage UN cybercrime treaty toward ransomware fight
Nov. 12, 2024
Newpark Resources discloses October ransomware attack
Nov. 11, 2024
Halliburton incurs about $35M in expenses related to August cyberattack
Nov. 8, 2024
TSA proposes cyber risk management programs for surface transportation, pipeline operators
Nov. 7, 2024
Columbus, Ohio confirms July ransomware attack compromised data of 500K people
Nov. 6, 2024
Schneider Electric investigating cyber intrusion after threat actor gains access to platform
Nov. 5, 2024
USDA, White House launch study to boost cyber resilience of rural water utilities
Nov. 4, 2024
CISA warns of foreign threat group launching spearphishing campaign using malicious RDP files
Nov. 1, 2024
As presidential election looms, disparate approaches to cyber policy come into focus
Oct. 31, 2024
CISA rolls out international strategic plan to bolster cyber cooperation
Oct. 30, 2024
Poor vulnerability management could indicate larger cyber governance issues, S&P says
Oct. 29, 2024
Cisco warns actively exploited CVE can lead to DoS attacks against VPN services
Oct. 28, 2024
Microsoft CEO asked board to cut pay in connection with security overhaul
Oct. 25, 2024
SEC settles charges with 4 firms it says downplayed SolarWinds hack exposure
Oct. 22, 2024
FCC expands cooperation with states on data security, privacy enforcement
Oct. 22, 2024
CISOs are gaining influence among corporate leadership
Oct. 21, 2024
Microsoft confirms partial loss of security log data on multiple platforms
Oct. 18, 2024
FBI, CISA seek input on software security, configuration changes
Oct. 17, 2024
US disables Anonymous Sudan infrastructure linked to DDoS attack spree
Oct. 17, 2024
CISA adds SolarWinds flaw to exploited vulnerabilities catalog
Oct. 16, 2024
Majority of global CISOs want to split roles as regulatory burdens grow
Oct. 15, 2024
Critical CVE in 4 Fortinet products actively exploited
Oct. 14, 2024
American Water Works reconnecting systems a week after cyberattack
Oct. 11, 2024
Cyber risk tops C-suite concerns heading into US election
Oct. 10, 2024
Trio of Ivanti CSA zero-day vulnerabilities under exploit threat
Oct. 9, 2024
American Water Works investigates unauthorized cyber intrusion
Oct. 7, 2024
CISOs, C-suite remain at odds over corporate cyber resilience
Oct. 7, 2024
Economic uncertainty cools CISO hiring and compensation growth
Oct. 4, 2024
Ivanti up against another attack spree as hackers target its endpoint manager
Oct. 3, 2024
State CISOs up against a growing threat environment with minimal funding, report finds
Oct. 2, 2024
FCC reaches $31.5M settlement with T-Mobile over rash of data breaches
Oct. 1, 2024
Top cybersecurity conferences to attend in 2025
Oct. 1, 2024
CUPS vulnerability, a near miss, delivers another warning for open source
Sept. 30, 2024
A quartet of Linux CVEs draws exploit fears among open source community
Sept. 27, 2024
CISA again raises alarm on hacktivist threat to water utilities
Sept. 26, 2024
Cyber commission seeks detailed plan to secure high-risk infrastructure
Sept. 25, 2024
CISA catalog falls short on CVEs targeted by Flax Typhoon
Sept. 24, 2024
Microsoft names deputy CISOs, flushes dead accounts as part of internal security overhaul
Sept. 23, 2024
Attackers exploit second Ivanti Cloud Service Appliance flaw for more access
Sept. 20, 2024
US authorities take down a Mirai-variant botnet tied to DDoS threat
Sept. 19, 2024
Suffolk County ransomware attack linked to lack of planning, ignored warnings
Sept. 18, 2024
Open source maintainers, under security pressure, remain largely unpaid after XZ Utils
Sept. 17, 2024
Hackers exploit CVE in older versions of Ivanti Cloud Service Appliance
Sept. 16, 2024
Microsoft, working with security partners, pledges better deployment, testing collaboration
Sept. 13, 2024
Most OT environments have at least 4 remote access tools, report finds
Sept. 12, 2024
Security budgets continue modest growth, but staff hiring slows considerably, research finds
Sept. 10, 2024
Cyber insurance keeps growing, as threats spur competition
Sept. 9, 2024
Key cyber insurance stakeholders urge government to help close $900B in uncovered risk
Sept. 6, 2024
White House launches cybersecurity hiring sprint to help fill 500,000 job openings
Sept. 5, 2024
Prolific RansomHub engaged in attack spree, feds warn
Sept. 4, 2024
Halliburton confirms data stolen in August cyberattack
Sept. 3, 2024
Iran-linked actors ramping up cyberattacks on US critical infrastructure
Sept. 3, 2024
CISA launches cyber incident reporting portal to streamline breach disclosure
Aug. 30, 2024
SentinelOne fields inquiries from new customers following global IT outage linked to CrowdStrike
Aug. 28, 2024
Volt Typhoon exploiting zero-day in campaign targeting ISPs, MSPs
Aug. 28, 2024
CISA officials credit Microsoft security log expansion for improved threat visibility
Aug. 27, 2024
SEC settles cyber case with Equiniti Trust as oversight questions linger
Aug. 26, 2024
Halliburton hit by cyberattack, certain systems impacted
Aug. 22, 2024
US, Australian authorities lead international push to adopt event logging
Aug. 22, 2024
Insurance coverage drives cyber risk reduction for companies, researchers say
Aug. 21, 2024
Palo Alto Networks CEO touts leads from CrowdStrike fallout
Aug. 20, 2024
Companies aren’t as resilient against cyber risks as they think
Aug. 19, 2024
SolarWinds Web Help Desk CVE scores a 9.8
Aug. 16, 2024
DDoS attacks surge since late 2023, telecom still in hot seat
Aug. 15, 2024
White House details $11M plan to help secure open source
Aug. 14, 2024
Microsoft Windows CVE triggers blue screen of death, researchers find
Aug. 13, 2024
Attackers target legacy Cisco Smart Install features
Aug. 12, 2024
CrowdStrike pursuing deal to buy patch management specialist Action1
Aug. 9, 2024
LoanDepot reports net loss as cyber-related settlement hit Q2 financial results
Aug. 9, 2024
Progress Software says SEC declines to pursue action related to MOVEit exploitation spree
Aug. 8, 2024
CrowdStrike blames mismatch in Falcon sensor update for global IT outage
Aug. 7, 2024
Federal watchdog urges EPA to develop comprehensive cyber strategy to protect water systems
Aug. 6, 2024
Insured loss impact could reach $1B following CrowdStrike outage
Aug. 5, 2024
CrowdStrike outage renews supply chain concerns, federal officials say
Aug. 2, 2024
CrowdStrike investors file class action suit following global IT outage
Aug. 1, 2024
Microsoft confirms Azure, 365 outage linked to DDoS attack
July 31, 2024
Business interruption claims will drive insurance losses linked to CrowdStrike IT disruption
July 30, 2024
SolarWinds legal ruling expected to narrow, but maintain SEC oversight on cyber transparency
July 29, 2024
White House, CISA name key cybersecurity officials as national resilience strategy rollout continues
July 26, 2024
CrowdStrike CEO says 97% of Windows sensors restored in IT outage recovery effort
July 26, 2024
CrowdStrike disruption direct losses to reach $5.4B for Fortune 500, study finds
July 25, 2024
CrowdStrike software crash linked to undetected error in content update for Windows users
July 24, 2024
Dragos warns of novel malware targeting industrial control systems
July 23, 2024
CrowdStrike, Microsoft scramble to contain fallout from global IT outage
July 22, 2024
CrowdStrike software update at the root of a massive global IT outage
July 19, 2024
Majority of SEC civil fraud case against SolarWinds dismissed, but core remains
July 18, 2024
Nearly 1 in 3 software development professionals unaware of secure practices
July 16, 2024
AutoNation warns CDK cyberattack will dent quarterly earnings
July 15, 2024
Critical infrastructure providers seek guardrails on scope, timeline for CIRCIA rules
July 8, 2024
Microsoft warns of elevated risk in Rockwell Automation PanelView Plus CVEs
July 3, 2024
Cisco Nexus devices zero day raises alarms despite CVSS score
July 2, 2024
Supreme Court ruling on Chevron doctrine may upend future cybersecurity regulation
July 2, 2024
TeamViewer’s IT network breached through compromised employee credentials
July 1, 2024
Microsoft alerts additional customers of state-linked threat group attacks
June 28, 2024
Memory-unsafe code runs rampant in critical open-source projects
June 27, 2024
Cyber insurance terms drive companies to invest more in security, report finds
June 26, 2024
Cloud security becoming top priority for companies worldwide
June 25, 2024
Nearly 150,000 ASUS routers potentially exposed to critical vulnerability
June 21, 2024
Santander warns US employees bank account info stolen in third-party database hack
June 20, 2024
MFA plays a rising role in major attacks, research finds
June 18, 2024
TellYouThePass ransomware widely targets vulnerable PHP instances
June 14, 2024
Microsoft president promises significant culture changes geared towards security
June 14, 2024
Microsoft will take full ownership for security failures in House testimony
June 13, 2024
Rust Foundation leads the charge to improve critical systems security
June 12, 2024
SolarWinds file-transfer vulnerability ripe for exploitation, researchers warn
June 12, 2024
Critical PHP CVE is under attack — research shows it’s easy to exploit
June 11, 2024
Frontier Communications says cyberattack snagged data from 751,000 people
June 7, 2024
Tenable to acquire Eureka Security for greater visibility into cloud data environment
June 6, 2024
CrowdStrike soars above industry spending concerns, digs at rivals
June 5, 2024
White House wants to harmonize the breadth of cybersecurity regulations
June 5, 2024
Cyber risk is rising for poorly configured OT devices
June 3, 2024
Check Point Software VPN exploitation risk greater than previously stated: researchers
May 31, 2024
CISOs under pressure from boards to downplay cyber risk: study
May 30, 2024
First American says personal data of 44K breached in December cyberattack
May 29, 2024
Check Point Software links newly identified CVE to VPN attacks
May 29, 2024
Check Point Software customers targeted by hackers using old, local VPN accounts
May 28, 2024
Cyber officials, incident response teams brace for Memorial Day weekend
May 24, 2024
White House seeks critical cyber assistance for water utilities, healthcare
May 23, 2024
Palo Alto Networks sees strong customer response to platform consolidation strategy
May 21, 2024
EPA to ramp up enforcement as most water utilities lack cyber safeguards
May 21, 2024
Open source threat intel platform launched weeks after malicious backdoor targeted XZ Utils
May 20, 2024
Microsoft warns of hacker misusing Quick Assist in Black Basta ransomware attacks
May 17, 2024
Palo Alto Networks signs broad enterprise cybersecurity partnership with IBM
May 16, 2024
National Cyber Director echoes past warnings: Nation-state cyber threats are mounting
May 15, 2024
Cyber insurance costs are stabilizing as global market grows
May 14, 2024
Black Basta ransomware is toying with critical infrastructure providers, authorities say
May 13, 2024
White House wants to hold the software sector accountable for security
May 10, 2024
68 tech, security vendors commit to secure-by-design practices
May 9, 2024
The US really wants to improve critical infrastructure cyber resilience
May 8, 2024
CISA, FBI urge software companies to eliminate directory traversal vulnerabilities
May 7, 2024
Microsoft restructures security governance, aligning deputy CISOs and engineering teams
May 3, 2024
Clorox lowers sales outlook as recovery from 2023 cyberattack continues
May 3, 2024
Hacktivists exploiting poor cyber hygiene at critical infrastructure providers
May 1, 2024
CVE exploitation nearly tripled in 2023, Verizon finds
May 1, 2024
At Microsoft, years of security debt come crashing down
April 30, 2024
Cactus ransomware targets a handful of Qlik Sense CVEs
April 29, 2024
Microsoft CEO says security is its No. 1 priority
April 26, 2024
Cisco devices again targeted by state-linked threat campaign
April 25, 2024
Vintage Microsoft flaw resurfaces, threat actors attack with golden GooseEgg
April 24, 2024
Enterprises are getting better at detecting security incidents
April 23, 2024
Majority of businesses worldwide are implementing zero trust, Gartner finds
April 22, 2024
Fears rise of social engineering campaign as open source community spots another threat
April 16, 2024
CISA to big tech: After XZ Utils, open source needs your support
April 15, 2024
With Sisense compromise, the race begins to understand the impact
April 12, 2024
FBI director echoes past warnings, as critical infrastructure hacking threat festers
April 11, 2024
Microsoft embraces common weakness enumeration standard for vulnerability disclosure
April 10, 2024
CISO role shows significant gains amid corporate recognition of cyber risk
April 9, 2024
Industry stakeholders seek 30-day delay for CIRCIA comments deadline
April 8, 2024
CISA assessing threat to federal agencies from Microsoft adversary Midnight Blizzard
April 5, 2024
Ivanti pledges security overhaul after critical vulnerabilities targeted in lengthy exploit spree
April 4, 2024
Microsoft Exchange state-linked hack entirely preventable, cyber review board finds
April 3, 2024
Motivations behind XZ Utils backdoor may extend beyond rogue maintainer
April 2, 2024
Red Hat warns of backoor in widely used Linux utility
April 1, 2024
Progress Software continues to cooperate with SEC probe into MOVEit exploitation
March 29, 2024
Water woes: A federal push for cyber mitigation is highlighting the sector’s fault lines
March 28, 2024
CISA issues notice for long-awaited critical infrastructure reporting requirements
March 27, 2024
Software makers urged to flush SQL injection vulnerabilities
March 26, 2024
Marsh launches group captive insurance firm for cyber
March 25, 2024
Novel variant of wiper linked to Viasat attack during Ukraine war raises new fears
March 22, 2024
More warnings emerge about state-linked cyber threats to water infrastructure
March 20, 2024
What’s material to the SEC, 3 months into cyber disclosure rules?
March 18, 2024
FCC approves voluntary cyber labeling program for smart home IoT devices
March 15, 2024
Threat actors are turning to novel malware as malicious attacks rise
March 14, 2024
White House adds teeth to secure software development requirements
March 13, 2024
JetBrains says TeamCity servers exploited as it defends disclosure policies
March 12, 2024
Fidelity Investments Life Insurance says customer data breach linked to third-party hack
March 8, 2024
Financial services sees sharp increase in DDoS attacks as geopolitical tensions rise
March 7, 2024
Yet another threat actor seen exploiting ConnectWise ScreenConnect
March 6, 2024
JetBrains TeamCity a ripe attack target as more vulnerabilities emerge
March 5, 2024
In ConnectWise attacks, Play and LockBit ransomware exploits developed quickly
March 4, 2024
Ivanti exploit warnings go global as Five Eyes sound alarm
Feb. 29, 2024
ConnectWise ScreenConnect critical CVE lures an array of threat actors
Feb. 29, 2024
White House rallies industry support for memory safe programming
Feb. 28, 2024
Ivanti Connect Secure hackers hide in plain sight, evading protections
Feb. 27, 2024
MGM Resorts’ cyberattack headache continues as regulators launch investigations
Feb. 26, 2024
ConnectWise ScreenConnect faces new attacks involving LockBit ransomware
Feb. 23, 2024
ConnectWise ScreenConnect under active exploitation due to critical flaws
Feb. 22, 2024
Biden administration issues executive order on port cybersecurity
Feb. 21, 2024
Palo Alto Networks’ free incentives offer sparks investor anxiety
Feb. 21, 2024
LockBit operations dismantled following international takedown
Feb. 20, 2024
FBI-led operation disrupts botnet controlled by state-linked Forest Blizzard
Feb. 16, 2024
OpenAI, Microsoft warn of state-linked actors’ AI use
Feb. 15, 2024
Ivanti Connect Secure threat activity continues as researchers flag additional flaws
Feb. 12, 2024
National cyber director urges private sector collaboration to counter nation-state cyber threat
Feb. 9, 2024
CISA, FBI confirm critical infrastructure intrusions by China-linked hackers
Feb. 7, 2024
JetBrains warns of another critical CVE in on-premises TeamCity servers
Feb. 7, 2024
Ivanti VPNs face renewed threat activity after initial patch release and new CVEs
Feb. 6, 2024
Schneider Electric restores sustainability operations after attack
Feb. 6, 2024
Business, technology groups back SolarWinds motion to dismiss SEC charges
Feb. 5, 2024
Blackbaud settles FTC data security probe into 2020 ransomware attack
Feb. 2, 2024
China-linked hackers primed to attack US critical infrastructure, FBI director says
Feb. 1, 2024
Delayed Ivanti patch arrives after weeks of exploitation
Jan. 31, 2024
In 2024, the cybersecurity industry awaits more regulation — and enforcement
Jan. 31, 2024
Schneider Electric hit by ransomware attack against its sustainability business division
Jan. 30, 2024
Ivanti Connect Secure zero-day patches delayed
Jan. 29, 2024
Midnight Blizzard attack seen as another sign of Microsoft falling short on security
Jan. 26, 2024
Trading platform EquiLend down following cyberattack
Jan. 25, 2024
Atlassian Confluence Data Center under active exploitation in older versions
Jan. 23, 2024
Microsoft to overhaul internal security practices after Midnight Blizzard attack
Jan. 22, 2024
CISA issues emergency directive for federal agencies to mitigate Ivanti vulnerabilities
Jan. 19, 2024
Ivanti Connect Secure exploitation accelerates as Moody’s calls impact credit negative
Jan. 19, 2024
Citrix warns of limited exploitation in a pair of Netscaler zero days
Jan. 18, 2024
Ivanti Connect Secure exploitation accelerates, 1,700 devices compromised worldwide
Jan. 17, 2024
Cyber tops business risk for enterprises worldwide, report finds
Jan. 16, 2024
Ivanti Connect Secure attacks part of deliberate espionage operation
Jan. 12, 2024
Ivanti Connect Secure devices face active exploitation, patch schedule staggered
Jan. 11, 2024
5 cybersecurity trends to watch in 2024
Jan. 10, 2024
Fidelity National Financial cyberattack impacts up to 1.3M customers
Jan. 10, 2024
Merck reaches settlement in closely watched NotPetya insurance case
Jan. 8, 2024
Apache OFBiz critical CVE leads to surge in exploitation attempts
Jan. 5, 2024
Mimecast acquires human risk management specialist Elevate Security
Jan. 4, 2024
SonicWall acquires Banyan Security to boost cloud security portfolio for remote work
Jan. 3, 2024
Xerox discloses a subsidiary’s breach following ransomware claim of data theft
Jan. 3, 2024
First American Financial confirms threat actors stole and encrypted data
Jan. 2, 2024
First American Financial takes systems offline after cyber incident
Dec. 21, 2023
CISA seeks comment on secure by design principles to boost global software security
Dec. 21, 2023
Cyber risk strategies in hot seat as SEC rules go live
Dec. 20, 2023
Comcast’s Xfinity discloses massive data breach linked to CitrixBleed vulnerability
Dec. 19, 2023
What the SEC weighed in finalizing the cyber disclosure rules
Dec. 18, 2023
State-linked cyber actors behind SolarWinds plant seeds for new malicious campaign
Dec. 15, 2023
CitrixBleed isn’t going away: Security experts struggle to control critical vulnerability
Dec. 14, 2023
Check Point Software in SEC settlement talks in connection with SolarWinds probe
Dec. 13, 2023
White House wants to set minimum cyber standards for hospitals, healthcare
Dec. 11, 2023
2 years on, Log4j still haunts the security community
Dec. 8, 2023
Fidelity National Financial still assessing cyberattack impact, but is insured
Dec. 7, 2023
CISA performance goals program trims exploited CVEs
Dec. 6, 2023
Water utility cyberattacks underscore ongoing threat to OT
Dec. 5, 2023
Authorities raise alarm on threats against water, other critical sectors
Dec. 4, 2023
Fidelity National Financial restoring operations after containing cyberattack
Dec. 4, 2023
Staples hit by cyberattack during critical Cyber Week sales push
Dec. 1, 2023
North Texas water utility the latest suspected industrial ransomware target
Nov. 30, 2023
CISA warns of threat groups exploiting Unitronics PLCs in water treatment hacks
Nov. 29, 2023
For financial services firms, a pattern of malicious cyber activity is emerging
Nov. 29, 2023
NY reaches $1M breach settlement with First American Title Insurance
Nov. 28, 2023
Authorities pushing for secure AI development practices
Nov. 27, 2023
Fidelity National Financial investigating cyberattack that led to service disruption
Nov. 27, 2023
CitrixBleed worries mount as nation state, criminal groups launch exploits
Nov. 22, 2023
Retailers brace for cyberthreat feast ahead of Thanksgiving shopping weekend
Nov. 21, 2023
Stanley Steemer hack breached data of almost 67K customers
Nov. 17, 2023
Palo Alto Networks’ largest customers get no-cost incident response
Nov. 15, 2023
Rackspace records $5M in expenses related to 2022 ransomware attack
Nov. 14, 2023
Dragos again targeted by ransomware group, this time from AlphV
Nov. 13, 2023
As Congress weighs budget priorities, top cyber execs urge CISA funding support
Nov. 10, 2023
MGM Resorts anticipates no further disruptions from September cyberattack
Nov. 9, 2023
CitrixBleed sparks race to patch, hunt for malicious activity
Nov. 8, 2023
Microsoft overhauls cyber strategy to finally embrace security by default
Nov. 3, 2023
For the SEC, the fraud case against SolarWinds is a cybersecurity warning shot
Nov. 2, 2023
Caesars shakes off cyberattack with strong Q3 Las Vegas demand
Nov. 1, 2023
Global cybersecurity workforce grows, but still confronts shortfall of 4M people
Oct. 31, 2023
SEC charges SolarWinds, its CISO with fraud
Oct. 30, 2023
Five Guys discloses hack of 2 employees’ emails
Oct. 30, 2023
CISA targets software identification in push to boost supply chain security
Oct. 27, 2023
Novel zero-day exploits fuel Q3 surge in DDoS attacks
Oct. 26, 2023
Microsoft touts demand for its security services in fiscal Q1, driven by AI appetite
Oct. 25, 2023
Citrix urges NetScaler ADC, Gateway customers to patch
Oct. 24, 2023
Cisco urges IOS XE customers to patch as thousands of devices remain infected
Oct. 24, 2023
Microsoft extends security log retention following State Department hacks
Oct. 23, 2023
Cisco releases security fix for widely-exploited IOS XE software vulnerability
Oct. 20, 2023
Critical flaw in JetBrains TeamCity exploited weeks after patch issued
Oct. 20, 2023
Almost 42K Cisco IOS XE devices exploited, no patch available
Oct. 19, 2023
Citrix Netscaler patch for critical CVE bypassed by malicious hackers
Oct. 18, 2023
CISA launches new phase of Secure by Design to push global industry on software security
Oct. 18, 2023
Cisco’s critical IOS XE software zero day is a ‘bad situation’
Oct. 17, 2023
EPA rescinds rule to include cybersecurity in water system audits after legal challenge
Oct. 16, 2023
SMBs seek cyber training, support as attack risk surges
Oct. 16, 2023
Critical Atlassian Confluence CVE under exploit by prolific state-linked actor
Oct. 13, 2023
Federal agencies press OT/ICS providers on open-source security
Oct. 12, 2023
Curl CVE has security community on edge as patch drops
Oct. 11, 2023
CISA urges security upgrades as DDoS continues to target Rapid Reset zero day
Oct. 11, 2023
Cloud giants sound alarm on record-breaking DDoS attacks
Oct. 10, 2023
Caesars Entertainment says social-engineering attack behind August breach
Oct. 9, 2023
MGM Resorts’ Las Vegas area operations to take $100M hit from cyberattack
Oct. 6, 2023
Clorox warns of quarterly loss related to August cyberattack, production delays
Oct. 5, 2023
CISA pivots focus to China-linked threats against critical infrastructure
Oct. 5, 2023
C-suite leaders to boost cybersecurity compliance amid SEC disclosure rule: Deloitte
Oct. 2, 2023
Clorox resumes normal plant operations in the wake of cyberattack
Oct. 2, 2023
CISA furloughs will cut deep if government shuts down
Sept. 29, 2023
Cisco routers abused by China-linked hackers against US, Japan companies
Sept. 28, 2023
CISA rolls dice on public service campaign to raise cyber awareness
Sept. 27, 2023
Caesars Entertainment faces class action lawsuits following rewards database hack
Sept. 27, 2023
Campbell Soup says summer cyberattack caused limited business impact
Sept. 26, 2023
MGM Resorts warns customers of fraud as it faces class action lawsuits
Sept. 25, 2023
CISA urges use of memory safe code in software development
Sept. 22, 2023
MGM Resorts says hotel, casino operations back up and running
Sept. 21, 2023
US is making headway on securing cyber infrastructure, commission says
Sept. 20, 2023
FBI director urges private sector to work with the agency on cyber threats
Sept. 19, 2023
Clorox warns of product shortages a month after disclosing cyberattack
Sept. 18, 2023
MGM, Caesars attacks raise new concerns about social engineering tactics
Sept. 18, 2023
Threat actors claim to have compromised MGM Resorts’ Okta environment
Sept. 15, 2023
MGM Resorts disruption linked to recent attacks against hospitality industry
Sept. 14, 2023
White House, federal cyber leaders pledge renewed support for open source security
Sept. 13, 2023
MGM Resorts discloses cyber incident in filing with SEC
Sept. 13, 2023
IronNet considers bankruptcy after it furloughs most workers
Sept. 12, 2023
MGM Resorts takes systems offline as it investigates cyberattack
Sept. 11, 2023
White House mulls rating system to boost cybersecurity for critical infrastructure
Sept. 11, 2023
CISA director: Critical infrastructure cyber incident reporting rules almost ready
Sept. 8, 2023
Microsoft crash dump exposed key that led to US cabinet email hacks, investigation finds
Sept. 7, 2023
Cybersecurity investments boost profitability, resilience: White House
Sept. 6, 2023
SEC cyber disclosure rules put CISO liability under the spotlight
Sept. 5, 2023
Barracuda patch bypassed by novel malware from China-linked threat group
Sept. 1, 2023
CrowdStrike soars on security tool consolidation demand
Aug. 31, 2023
US leads takedown of Qakbot malware, which automated initial infections
Aug. 30, 2023
Cyber insurance providers increase scrutiny on enterprise risk, report finds
Aug. 29, 2023
Corporate boards expand cybersecurity risk oversight, report finds
Aug. 28, 2023
Software industry urged to assume risk on open source security
Aug. 25, 2023
Barracuda ESG zero-day exploit still under way after patches fail
Aug. 24, 2023
Hackers target Pentagon contract site via compromised routers
Aug. 23, 2023
SentinelOne pursues potential sale amid slow growth, report says
Aug. 22, 2023
Palo Alto Networks posts strong Q4 amid consolidation, new SEC rules
Aug. 21, 2023
Palo Alto Networks closely watched ahead of late Friday Q4 report
Aug. 18, 2023
Suncor CEO says company mostly recovered from June cyberattack
Aug. 17, 2023
SEC cyber rules ignite tension between reputation and security risk
Aug. 15, 2023
Microsoft, cloud security under the microscope with federal cyber review
Aug. 14, 2023
White House wants input on open source security, memory-safe languages
Aug. 11, 2023
New York rolls out statewide cybersecurity strategy
Aug. 10, 2023
Rapid7 to cut 18% of workforce, shutter certain offices
Aug. 9, 2023
NIST releases draft overhaul of its core cybersecurity framework
Aug. 9, 2023
AWS pledges $20M to K-12 cyber training, incident response
Aug. 7, 2023
White House rolls out millions in funding to combat K-12 cyberattacks
Aug. 7, 2023
CISA seeks to address visibility, resilience in 3-year strategic plan
Aug. 7, 2023
Broad SBOM adoption takes root as businesses watch their supply chains
Aug. 4, 2023
Tenable CEO calls out Microsoft delay on months-old Azure vulnerability
Aug. 3, 2023
Businesses improved cyber incident response times following Log4j, report finds
Aug. 2, 2023
White House looks to close massive cyber skills gap
Aug. 1, 2023
Reddit names seasoned IT security leader as new CISO
July 31, 2023
New Jersey Supreme Court to hear Merck insurance dispute over NotPetya attack
July 28, 2023
TSA revises security directives for oil and gas pipelines to test resilience
July 27, 2023
SEC votes to overhaul disclosure rules for material cyber events
July 26, 2023
White House taps longtime military, intelligence leader for national cyber director
July 25, 2023
New York cyber lead warns of what states face in critical infrastructure defense
July 25, 2023
Citrix zero day exposes critical infrastructure, one provider hit
July 24, 2023
Microsoft attackers may have data access beyond Outlook, researchers warn
July 21, 2023
DDoS attacks, growing more sophisticated, surged in Q2
July 19, 2023
Microsoft offers free security logs amid backlash from State Department hack
July 19, 2023
White House unveils consumer labeling program to strengthen IoT security
July 18, 2023
Microsoft hardens key issuance systems after state-backed hackers breach Outlook accounts
July 17, 2023
Rockwell Automation, Honeywell warned of critical vulnerabilities in industrial products
July 14, 2023
Microsoft warns China-linked APT actor hacked US agency, other email accounts
July 12, 2023
RomCom uses Word documents in new phishing campaign, Microsoft warns
July 12, 2023
IronNet restructures management in deal to go private
July 12, 2023
Cybersecurity funding drops sharply in Q2
July 11, 2023
Threat group testing more sophisticated DDoS hacks, authorities warn
July 10, 2023
Hackers using TrueBot malware for phishing attacks in US, Canada, officials warn
July 7, 2023
Suncor Energy confirms hackers breached Petro-Canada gas stations’ customer rewards data
July 6, 2023
IronNet in NYSE compliance crosshairs after failing to file quarterly earnings on time
July 6, 2023
Petro-Canada reports service restoration after suspected Suncor breach
June 29, 2023
Suncor Energy continues probe of cyber incident disrupting gas station payments
June 28, 2023
Rubrik, Microsoft partner to leverage generative AI for faster incident response
June 28, 2023
State and local governments grapple to mitigate cyber risks
June 27, 2023
SEC notifies SolarWinds CISO and CFO of possible action in cyber investigation
June 26, 2023
Big names disclose MOVEit-related breaches, including PwC, EY and Genworth Financial
June 23, 2023
Google backs $20M effort to train students for key cybersecurity jobs
June 23, 2023
Dole says February ransomware attack breached data of almost 3,900 US workers
June 22, 2023
Mondelēz retirement data breached after hacker targets law firm Bryan Cave
June 21, 2023
Progress Software faces federal class action lawsuits as MOVEit breach exposure widens
June 21, 2023
US puts $10M bounty on Clop as federal agencies confirm data compromises
June 20, 2023
Microsoft confirms DDoS attacks caused Azure, OneDrive outages
June 20, 2023
SEC delays final rule on cyber incident disclosure as industry pushes back
June 16, 2023
Barracuda ESG devices actively exploited in broad, ongoing espionage campaign
June 15, 2023
Microsoft review of Azure outage shows spike in HTTP requests as researchers blame DDoS
June 14, 2023
Fortinet urges firmware upgrades after critical vulnerability at risk of malicious attacks
June 13, 2023
Microsoft says Azure disrupted after a week of repeated service outages
June 12, 2023
Cloud services seen as key tool in shifting balance of cyber risk
June 12, 2023
Microsoft investigating threat actor claims following multiple outages in 365, OneDrive
June 9, 2023
Cyber insurance market is stabilizing as growth remains certain, Moody’s says
June 8, 2023
Dragos to slash 9% of workforce, trim other costs amid sales slowdown
June 8, 2023
Existing security policy for critical infrastructure needs major overhaul, commission says
June 7, 2023
Cybercriminals target C-suite, family members with sophisticated attacks
June 5, 2023
FTC chair warns that AI businesses must still operate within existing laws
June 2, 2023
CISOs still expect cyber budget increases amid economic pressure
June 1, 2023
Moody’s cites credit risk from state-backed cyber intrusions into US critical infrastructure
May 31, 2023
PyPI to mandate 2FA by the end of 2023
May 30, 2023
Ahead of summer holiday weekends, IT security leaders brace for deliberate cyber mischief
May 26, 2023
Broad campaign underway to access US critical infrastructure using small, home office devices
May 25, 2023
CISA updates ransomware guide 3 years after its debut
May 24, 2023
BEC attacks rise as criminal hackers employ new tactics to evade detection
May 23, 2023
Dole incurs $10.5M in direct costs from February ransomware attack
May 18, 2023
Cyber resilience programs falling short on preparing workers for a crisis
May 18, 2023
House hearing details cyber resilience efforts for energy, water and healthcare
May 17, 2023
Yum Brands faces class action suits from employees after ransomware attack
May 16, 2023
Western Digital cyberattack not expected to have material impact on future earnings
May 15, 2023
Criminal actors switch tactics after Microsoft began to block macros last year
May 12, 2023
Dragos says it thwarted extortion bid by known ransomware threat group
May 11, 2023
Walden says cybersecurity strategy mostly well-received
May 10, 2023
CISO anxiety returns amid heightened concern of material cyberattacks
May 9, 2023
Western Digital confirms customer data accessed by hackers in attack
May 8, 2023
Former Uber CSO avoids prison time for ransomware coverup
May 5, 2023
Google, Dashlane separately move to eliminate passwords
May 4, 2023
Merck cyber coverage upheld in NotPetya decision, seen as victory for policyholders
May 3, 2023
Most open source maintainers still consider themselves hobbyists, despite compensation pledges
May 2, 2023
Organizations are boosting resilience, getting faster at incident response
May 1, 2023
CISA seeks public comment on software security attestation form
April 28, 2023
Global cyber insurance prices continue to moderate in Q1
April 27, 2023
NCR restores more services following ransomware attack
April 26, 2023
More than 2K organizations at risk of major attacks linked to SLP vulnerability
April 25, 2023
Early warning threat information platform launched for OT
April 24, 2023
3CX has a 7-part plan to shore up its security
April 20, 2023
Software industry leaders debate real costs and benefits of CISA security push
April 14, 2023
CISA, partner agencies unveil secure by design principles in historic shift of software security
April 13, 2023
CISA to unveil secure-by-design principles this week amid push for software security
April 12, 2023
3CX threat actor named as company focuses on security upgrades, customer retention
April 12, 2023
Western Digital restores local access to My Cloud Home customers following security breach
April 11, 2023
Biden cyber officials see auto, food safety as models for security overhaul
April 10, 2023
3CX updates Windows app for desktop following supply chain attack
April 7, 2023
Broad MFA, rapid patching a must to stop cyberattacks, Marsh McLennan finds
April 6, 2023
IT security leaders still told to keep data breaches quiet, study finds
April 6, 2023
3CX makes progress restoring Windows app from state-linked supply chain attack
April 5, 2023
Palo Alto security software stung by ransomware strain
April 4, 2023
Western Digital cyber incident is credit negative: Moody’s analyst
April 4, 2023
Western Digital takes systems offline after threat actor gains access to company data
April 3, 2023
3CX retains Mandiant to investigate supply chain attack with global reach
March 31, 2023
Supply chain attack against 3CX communications app could impact thousands
March 30, 2023
White House eyes the next frontier of cybersecurity — space
March 30, 2023
Lumen Technologies says ransomware attack disrupted call centers
March 29, 2023
Microsoft unveils Security Copilot built on GPT-4
March 28, 2023
Lumen Technologies hit with 2 separate security incidents
March 28, 2023
US looks to reimagine cybersecurity paradigm with burden shift, rebuilt infrastructure
March 24, 2023
CISA director urges top business leaders, board members to take cyber risk ownership
March 24, 2023
CISA revises cybersecurity performance goals
March 22, 2023
Outlook zero-day still vulnerable to attackers with prior access, researchers find
March 20, 2023
Security drives software purchases for half of US companies
March 20, 2023
Google Cloud joins FS-ISAC’s critical providers program to share threat intel
March 17, 2023
SEC proposes cybersecurity disclosure rules for financial industry specialists
March 17, 2023
Outlook zero day linked to critical infrastructure attacks
March 16, 2023
MKS Instruments hit by class-action litigation following ransomware attack
March 15, 2023
CISA launches ransomware warning pilot for critical infrastructure providers
March 14, 2023
Shift to secure-by-design must start at university level, CISA director says
March 13, 2023
Blackbaud to pay $3M to settle SEC charges of a misleading ransomware investigation
March 10, 2023
GitHub to begin rollout of 2FA security upgrade for developers
March 9, 2023
CrowdStrike grows subscriber base as customers consolidate security services
March 9, 2023
TSA unveils emergency cybersecurity requirements for airlines, airports
March 8, 2023
Dole doesn’t expect to recover full costs of ransomware attack
March 8, 2023
Insurance holding company Group 1001 says operations restored after ransomware attack
March 7, 2023
Who is liable for flawed software? New guidance upends the security standard
March 6, 2023
EPA unveils cybersecurity oversight for public drinking water systems
March 3, 2023
The US cyber strategy is out. Now, officials just have to implement it
March 3, 2023
MKS Instruments says February ransomware attack will clip $200M from revenue
March 2, 2023
White House releases national cyber strategy, shifting security burden
March 2, 2023
CISA red team cracks a critical infrastructure provider’s defenses, a lesson in lateral access
March 1, 2023
3 CISA principles for secure by design
Feb. 28, 2023
CISA director urges tech industry to take responsibility for secure products
Feb. 27, 2023
Dole hit by ransomware, North America operations briefly disrupted
Feb. 23, 2023
IT security budgets triple as businesses confront more cyberattacks across Europe, US
Feb. 16, 2023
Google backs federal push for tech to embrace ‘secure by design’
Feb. 15, 2023
Liberty Mutual launches global cyber office
Feb. 14, 2023
Companies often operate in dark with little applied threat intelligence
Feb. 13, 2023
Reddit says limited amount of source code, employee data accessed in phishing attack
Feb. 10, 2023
National cyber director to retire this month
Feb. 9, 2023
Half of executives expect an increase in cyber incidents targeting financial data: report
Feb. 8, 2023
Sports betting apps fumble open source, placing users at risk
Feb. 7, 2023
Corporate boards struggle to understand cybersecurity and digital transformation
Feb. 6, 2023
CVEs expected to rise in 2023, as organizations still struggle to patch
Feb. 3, 2023
98% of organizations worldwide connected to breached third-party vendors
Feb. 2, 2023
Microsoft disables phishing campaign after researchers flag OAuth app abuse
Feb. 1, 2023
CISOs to face new budget hurdles in 2023 as economic anxiety lingers
Jan. 31, 2023
On deck for the business of cybersecurity: Fire sales and due diligence
Jan. 31, 2023
Microsoft surpasses $20B in security revenue as enterprise customers consolidate
Jan. 30, 2023
CISA’s public-private cyber collaborative to focus on energy, water
Jan. 27, 2023
Threat actors are using remote monitoring software to launch phishing attacks
Jan. 26, 2023
Exchange Server under pressure as opportunistic actors step up attacks
Jan. 25, 2023
Only half of companies have the budgets necessary to mitigate cybersecurity risks: study
Jan. 24, 2023
Almost half of critical manufacturing organizations face significant risk of data breach
Jan. 23, 2023
Ransomware attack against Yum! Brands follows several incidents targeting restaurant industry
Jan. 20, 2023
World Economic Forum officials warn global instability could lead to catastrophic cyber event
Jan. 19, 2023
Mailchimp hit by second cyberattack in 6 months, 133 customers impacted
Jan. 19, 2023
Cyber, business interruption remain top global corporate risks
Jan. 18, 2023
Four Microsoft Azure services found vulnerable to server-side request forgery
Jan. 17, 2023
CircleCI probe links malware placed on engineer’s laptop to larger breach
Jan. 13, 2023
Citrix flaw exploited in ransomware attack against small US business
Jan. 13, 2023
CircleCI working with AWS to identify, revoke keys impacted by security incident
Jan. 12, 2023
Surging cyberthreats, data concerns remain top dispute risks for organizations
Jan. 12, 2023
CISA adds Exchange Server, Windows vulnerabilities to catalog of exploited CVEs
Jan. 11, 2023
NRF forms cyberthreat intelligence partnership with RH-ISAC
Jan. 11, 2023
Beazley launches historic $45M cyber catastrophe bond
Jan. 10, 2023
CircleCI incident raises further concerns about security of software development
Jan. 9, 2023
Rackspace confirms ransomware attack hit a small percentage of its Hosted Exchange customers
Jan. 6, 2023
6 security experts on what cyberthreats they expect in 2023
Jan. 6, 2023
Slack employee tokens stolen, GitHub repository breached
Jan. 5, 2023
Freight company Wabtec discloses June cyberattack impacting US, overseas operations
Jan. 4, 2023
Rackspace identifies ransomware threat actor behind December attack via Exchange
Jan. 3, 2023
Rackspace recovers old emails as customers await answers from ransomware probe
Dec. 22, 2022
New exploit for Microsoft’s ProxyNotShell mitigation side steps fix
Dec. 22, 2022
Remote, third-party workers raise security risks for enterprises: report
Dec. 21, 2022
MacOS vulnerability allows threat actors to bypass Apple Gatekeeper
Dec. 20, 2022
Apple CIO steps down from Rackspace board citing new job duties
Dec. 19, 2022
Rackspace executives stand by ransomware response
Dec. 16, 2022
Rackspace blames ransomware attack on financially motivated threat actor
Dec. 15, 2022
Threat actors abuse legitimate Microsoft drivers to bypass security
Dec. 13, 2022
Fortinet urges customers to upgrade systems amid critical vulnerability
Dec. 13, 2022
Rackspace says more than two-thirds of customers regained email access
Dec. 12, 2022
Fear, panic and Log4j: One year later
Dec. 9, 2022
Rackspace scrambles to assist customers as ransomware probe continues
Dec. 8, 2022
Microsoft taps security demand to drive M365 amid fragmented market
Dec. 7, 2022
Rackspace says ransomware disrupted its Hosted Exchange business
Dec. 6, 2022
Infostealer malware surges on dark web amid rise in MFA fatigue attacks
Dec. 5, 2022
Cyber Safety Review Board to probe Lapsus$ ransomware spree
Dec. 2, 2022
Defense Department launches zero trust, phasing out perimeter defense strategy
Nov. 23, 2022
Three-quarters of retail, hospitality applications have security flaws
Nov. 22, 2022
Palo Alto Networks reports strong fiscal Q1 as security needs outpace economic fears
Nov. 21, 2022
Offshore oil and gas at risk of potentially catastrophic cyberattack: GAO
Nov. 18, 2022
Iran-linked threat actors exploiting Log4Shell via unpatched VMware, feds warn
Nov. 16, 2022
Critical infrastructure providers ask CISA to place guardrails on reporting requirements
Nov. 16, 2022
High risk, critical vulnerabilities found in 25% of all software applications and systems
Nov. 15, 2022
K-12 schools lack resources, funding to combat ransomware threat
Nov. 14, 2022
CISA warns unpatched Zimbra users to assume breach
Nov. 11, 2022
Citrix CVEs need urgent security updates, CISA says
Nov. 10, 2022
SolarWinds under SEC probe related to 2020 supply chain attack
Nov. 9, 2022
Microsoft finally releases security updates for ProxyNotShell zero days
Nov. 8, 2022
Mondelēz settlement in NotPetya case renews concerns about cyber insurance coverage
Nov. 8, 2022
NIST seeks water industry feedback on boosting cyber resilience
Nov. 4, 2022
CISA director bullish on private sector cooperation toward cybersecurity goals
Nov. 3, 2022
US ransomware payments surge to $1.2B in 2021: Treasury
Nov. 2, 2022
OpenSSL releases patch for 2 high-severity vulnerabilities after prior warning
Nov. 1, 2022
Critical OpenSSL vulnerability causes security industry to hold its breath
Nov. 1, 2022
Industrial providers ramp up cyber risk posture as OT threats evolve
Oct. 31, 2022
White House convenes dozens of countries to fight ransomware
Oct. 31, 2022
CISA aims for target rich, resource poor sectors in rollout of security basics
Oct. 28, 2022
CISA releases long-awaited cybersecurity performance goals for critical infrastructure
Oct. 27, 2022
GitHub vulnerability raises risk of open source supply chain attack
Oct. 27, 2022
Microsoft security business surges as cloud segment hit by slumping economy
Oct. 26, 2022
FTC orders Drizly to tighten data security practices as 2.5M consumers exposed
Oct. 25, 2022
Help wanted for 3.4M jobs: Cyber workforce shortage is an acute, worldwide problem
Oct. 24, 2022
White House plans IoT security labeling program for spring 2023
Oct. 21, 2022
National cybersecurity strategy to debut within months, White House official says
Oct. 20, 2022
TSA rolls out long-anticipated cyber directive for freight, passenger rail systems
Oct. 19, 2022
Uber ex-CSO verdict raises thorny issues of cyber governance and transparency
Oct. 19, 2022
Apache urges users to upgrade Common Text version to block ‘Text4Shell’ vulnerability
Oct. 19, 2022
Critical vulnerability surfaces in Apache Commons Text library
Oct. 17, 2022
Fortinet attacks escalate as company warns large swath of customers to upgrade
Oct. 17, 2022
White House to roll out Energy Star-like ratings for IoT
Oct. 12, 2022
CISA adds Fortinet CVE to vulnerability catalog after attacks escalate
Oct. 12, 2022
CISOs, corporate boards in wide disagreement on cyber resilience
Oct. 10, 2022
Microsoft struggles to mitigate Exchange Server CVEs as it races to complete patch
Oct. 6, 2022
Microsoft updates guidance to prevent future Exchange server attacks
Oct. 5, 2022
CISA orders federal IT overhaul with automated asset inventory, software scanning
Oct. 4, 2022
Microsoft warns of potential escalation for Exchange server zero days
Oct. 3, 2022
Microsoft investigating 2 zero-day vulnerabilities in Exchange Server
Sept. 30, 2022
C-suite, boards are prioritizing cybersecurity, but still expect increased threats
Sept. 30, 2022
State-linked actor targets VMware hypervisors with novel malware
Sept. 29, 2022
Most organizations had a cloud-related security incident in the past year
Sept. 28, 2022
Strict security rules could push open source community out of federal work, expert says
Sept. 27, 2022
American Airlines phishing attack involved unauthorized access to Microsoft 365
Sept. 26, 2022
Malicious OAuth applications used to control Exchange tenants in sweepstakes scam
Sept. 23, 2022
Organizations rapidly shift tactics to secure the software supply chain
Sept. 22, 2022
Stolen single sign-on credentials for major firms available for sale on dark web
Sept. 21, 2022
American Airlines targeted by threat actor in July data incident
Sept. 20, 2022
White House guidance on third-party software seen as a major test of cyber risk strategy
Sept. 19, 2022
LastPass says it contained August breach, leaving customer data and vaults secure
Sept. 16, 2022
Industrial control systems face more cyber risks than IT, expert testifies
Sept. 16, 2022
White House sets minimum security standards for federal software use
Sept. 14, 2022
Security vendor consolidation a priority for majority of organizations worldwide
Sept. 14, 2022
US is shoring up gaps in cyber policy, but critical goals remain unfulfilled
Sept. 13, 2022
US Treasury sanctions Iran intelligence agency following Albanian government attack
Sept. 12, 2022
CISA announces RFI for critical infrastructure cyber reporting mandate
Sept. 9, 2022
Researchers warn older D-Link routers are under threat from Mirai malware variant
Sept. 8, 2022
CISA Director: Tech industry should infuse security at product design stage
Sept. 7, 2022
PyPI contributors targeted by JuiceLedger in latest attack against open source
Sept. 6, 2022
Feds push for developers to take lead in securing software supply chain
Sept. 2, 2022
CrowdStrike, Palo Alto earnings show resilience in cyber investments amid macro concerns
Sept. 1, 2022
Slack enhances platform security amid rapid expansion and heightened risk
Aug. 31, 2022
Google tackles open source security with vulnerability rewards program
Aug. 30, 2022
Changing cyber insurance guidance from Lloyd’s reflects a market in turmoil
Aug. 29, 2022
Researchers say Cisco firewall software remains vulnerable to attack despite patch
Aug. 26, 2022
LastPass breached, portions of source code stolen, CEO says
Aug. 26, 2022
Threat actors again target critical SAP ICMAD vulnerabilities
Aug. 23, 2022
Media companies at high risk of malicious cyberattack: Report
Aug. 22, 2022
Risk of cyberattack emerges as top concern of US executives
Aug. 19, 2022
Mailchimp breach shines new light on digital identity, supply chain risk
Aug. 18, 2022
DigitalOcean, caught in Mailchimp security incident, drops email vendor
Aug. 17, 2022
Zero trust adoption skyrockets, nearing universal adoption
Aug. 16, 2022
CISA director lauds first-year efforts of public-private cyber collaborative
Aug. 15, 2022
Critical flaws on widely used Cisco firewalls left unpatched for months
Aug. 12, 2022
Log4j was the right incident for inaugural review, safety board says
Aug. 11, 2022
Blockchain, privacy advocates push back on Tornado Cash sanctions
Aug. 10, 2022
Businesses boost software supply chain security, but strategies remain fragmented
Aug. 9, 2022
Twitter vulnerability risk resurfaces, testing the security of pseudonymous users
Aug. 8, 2022
White House to incorporate performance metrics into national cybersecurity strategy
Aug. 5, 2022
US must take a lead role in cyber diplomacy, State Dept. nominee says
Aug. 4, 2022
Threat actors hide malware in legitimate — and high profile — applications
Aug. 3, 2022
Initial access brokers selling online access to unsuspecting MSPs
Aug. 2, 2022
Threat actors shifting tactics as Microsoft blocks, unblocks and reblocks macros
July 29, 2022
CISA expands cyber relationship with Ukraine authorities
July 28, 2022
Mandiant red team breaches OT servers to mimic crime group techniques
July 27, 2022
Uber reaches non-prosecution deal with feds after concealing data breach
July 26, 2022
Google backs federal review board's Log4j, open source security push
July 25, 2022
TSA revises cybersecurity requirements for oil and gas pipelines
July 22, 2022
Where 5 programs are investing to close cyber skills gap
July 21, 2022
White House takes on cyber workforce gap through 120-day apprenticeship sprint
July 20, 2022
State-backed threat actors use Google Drive, Dropbox to launch attacks
July 19, 2022
Google deal to buy Mandiant clears key antitrust hurdle
July 19, 2022
CISA eyes cross-pond cyber cooperation with London office
July 18, 2022
Companies cannot see — or protect — nearly half of all device endpoints
July 13, 2022
Microsoft rollback on macro blocking in Office sows confusion
July 11, 2022
Mid-sized companies grapple with response to cyber crises
July 8, 2022
Apple's coming security features an answer to government-backed spyware
July 7, 2022
Threat actors capitalize on red team tool capable of bypassing EDR, antivirus
July 6, 2022
Google TAG exposes hack-for-hire groups targeting activists and sensitive data
July 5, 2022
Federal authorities warn MedusaLocker ransomware targeting remote desktop vulnerabilities
July 1, 2022
Google enhances password manager to boost security across platforms
June 30, 2022
Cash-strapped Main Street organizations face global cyberthreats
June 29, 2022
New York names first chief cyber officer
June 28, 2022
Carnival to pay $5M for cyber violations to NY financial regulator
June 27, 2022
Organizations lag on confidence and policies to manage open source security
June 24, 2022
Department of Energy rethinks cyber resilience in strategy to secure the grid
June 23, 2022
Dozens of vulnerabilities threaten major OT device makers
June 21, 2022
Microsoft releases long sought patch for Office Follina zero day as CISA, customers assess impact
June 15, 2022
Microsoft resolves critical vulnerability in Azure Synapse after prior patches fall short
June 14, 2022
Tenable CEO calls out Microsoft on lack of transparency on vulnerabilities
June 13, 2022
Threat actors deploy new attack methods as Microsoft Follina vulnerability lingers
June 10, 2022
FBI, CISA issue warning on China-backed cyber threats against the telecom industry
June 8, 2022
Attackers aim for Atlassian Confluence zero day with mass, targeted exploitation
June 7, 2022
Atlassian releases fix for critical zero day impacting Confluence
June 3, 2022
CISA issues warning after critical zero day hits Atlassian's Confluence
June 3, 2022
Russia, backed by ransomware gangs, actively targeting US, FBI director says
June 2, 2022
Microsoft zero day under attack as industry awaits patch
June 1, 2022
Microsoft Office zero day leaves researchers scrambling over the holiday weekend
May 31, 2022
Oil and gas industry pledges cyber cooperation at World Economic Forum
May 26, 2022
Feds remain in the dark as ransomware disclosure lags
May 25, 2022
Russian disinformation campaigns disrupt Ukraine narrative
May 24, 2022
Feds release grim reminder: Threat actors prey on basic security mishaps
May 20, 2022
Biden administration makes inroads amid zero trust rollout
May 19, 2022
How the Colonial Pipeline attack instilled urgency in cybersecurity
May 17, 2022
Tech giants pledge multimillion down payment to secure open source
May 13, 2022
White House cyber executive order still has unfinished business
May 12, 2022
US, allies blame Russia for Viasat cyberattack
May 11, 2022
Colonial Pipeline faces nearly $1M in penalties as federal regulator discloses violations
May 6, 2022
Microsoft, Apple and Google double down on FIDO passwordless standard
May 5, 2022
Ukraine cyberthreat activity ramps up against critical infrastructure, governments
May 4, 2022
Critical CVEs put Aruba Networks, Avaya enterprise switches at risk
May 3, 2022
Familiar names top 2021's most-exploited vulnerabilities list
May 2, 2022
M&A sets record pace as ransomware, nation-state threats fuel security demand
April 29, 2022
Ransomware attacks, payouts soared worldwide in 2021: report
April 27, 2022
Emotet botnet tests new techniques after global crackdown
April 26, 2022
AWS reissues Log4Shell hotpatch after vulnerabilities found
April 22, 2022
Cyber agencies renew warnings of Russia-linked threats against industrial targets
April 21, 2022
Threat detection accelerates in Asia, Europe, as notification trends shift
April 19, 2022
Authorities warn dangerous new malware can shut down, sabotage industrial sites
April 14, 2022
Microsoft intercepts Zloader botnet, a distributor for Ryuk ransomware
April 14, 2022
Datto, SailPoint acquired for more than $6B each amid growing cyber consolidation
April 11, 2022
Microsoft blocks Russian cyberattacks linked to Ukraine war
April 8, 2022
DOJ disrupts Russia-backed Cyclops Blink botnet
April 7, 2022
Federal authorities urged to bolster intel sharing amid nation-state threats
April 6, 2022
State Department launches cyber bureau amid rising global tensions
April 5, 2022
Viasat network cyberattack linked to newly discovered Russian wiper
April 1, 2022
Biden administration's FY 2023 budget includes 11% increase for cyber
March 30, 2022
Nation-state threat actors remain steps ahead of defenders
March 28, 2022
White House warns US of possible Russian cyberattack linked to Ukraine invasion
March 21, 2022
Cyberthreats grow as US, NATO countries press Russia sanctions
March 18, 2022
Russian state-sponsored actors target PrintNightmare, MFA settings
March 16, 2022
What cyber incident reporting rules mean for critical infrastructure
March 15, 2022
Congress adds historic cyber incident reporting rule to massive $1.5 trillion package
March 11, 2022
CrowdStrike shares surge on strong Q4 earnings and robust annual forecast
March 10, 2022
Russian cyberattacks surprisingly limited in Ukraine, US officials say
March 9, 2022
Google swoops in to buy Mandiant for $5.4B after weeks of market speculation
March 8, 2022
Sinclair losses mount as ransomware costs exceed insurance policy
March 7, 2022
Ukraine war tests cyber insurance exclusions
March 3, 2022
New wiper, worm attacks emerge in Ukraine targeting government and industry
March 1, 2022
Cyberattack on Nvidia results in data leak, credential theft
Feb. 25, 2022
DHS to lead federal response to Russia-Ukraine crisis
Feb. 25, 2022
Botnets, data wiping malware spread as Ukraine incursion begins
Feb. 24, 2022
Colonial Pipeline names cybersecurity veteran as first CISO
Feb. 23, 2022
Security hampers enterprise cloud adoption: report
Feb. 22, 2022
US links Russia to Ukraine DDoS attacks
Feb. 18, 2022
Critical SAP CVEs leave broad exposure, fixes require downtime
Feb. 17, 2022
Officials warn of asymmetric cyberattacks as Ukraine conflict simmers
Feb. 16, 2022
Log4j highlights ongoing cyber risk from free, open source software: Moody's
Feb. 11, 2022
Critical SAP vulnerabilities spur CISA, researcher pleas for urgent patching
Feb. 10, 2022
Apache tells US Senate committee the Log4j vulnerability could take years to resolve
Feb. 9, 2022
NIST targets software supply chain with guidance on security standards
Feb. 7, 2022
DHS adds review board to advise federal response to major cyberattacks
Feb. 3, 2022
Threat actors pressure OT, critical infrastructure by leaking sensitive data
Feb. 2, 2022
Conflict over Ukraine raises cyber risk for US enterprises
Feb. 1, 2022
Blackberry links initial access broker activity to Log4Shell exploit in VMware Horizon
Jan. 26, 2022
DHS warns local authorities, critical infrastructure providers over potential Russia threat
Jan. 25, 2022
Boards, CISOs seek alignment on OT security challenges
Jan. 24, 2022
Ukraine tensions raise cyberthreats against US companies, critical infrastructure
Jan. 21, 2022
Log4j raises cyber risk for public finance entities, Fitch warns
Jan. 19, 2022
Cobalt Strike targets VMware Horizon after UK warnings of Log4Shell threats
Jan. 18, 2022
Big tech pushes White House for open source funding, standards after Log4j
Jan. 14, 2022
FCC seeks stronger breach reporting rules for telecoms
Jan. 13, 2022
Log4j threat activity limited, but CISA says actors lay in wait
Jan. 11, 2022
Log4Shell threat activity targeting VMware Horizon, UK researchers warn
Jan. 10, 2022
Can SOAR technology help SOCs regain the advantage in threat detection?
Jan. 7, 2022
FTC threatens enforcement on firms lax about Log4j vulnerability
Jan. 5, 2022
Log4j activity expected to play out well into 2022
Jan. 4, 2022
US allies call for Log4j vigilance as organizations struggle to detect vulnerabilities
Dec. 23, 2021
Organizations still downloading vulnerable Log4j versions
Dec. 22, 2021
Federal authorities brace for long holiday as Log4j threat activity rises
Dec. 20, 2021
Log4j: What we know (and what's yet to come)
Dec. 17, 2021
Log4j attacks poised to rise as threat actors search for attack vectors
Dec. 16, 2021
Log4j threat expands as second vulnerability emerges and nation states pounce
Dec. 15, 2021
Log4j under siege, millions of devices vulnerable
Dec. 14, 2021
Federal authorities, technology vendors race to contain Log4j vulnerability
Dec. 13, 2021
Is the security of legacy IT providers prompting a confidence crisis?
Dec. 8, 2021
A year later, Nobelium-linked threat actors still target businesses, government
Dec. 6, 2021
Insurer Lloyd's slashes coverage on state-sponsored cyberattacks, reflecting battered market
Dec. 3, 2021
Majority of US retailers, critical infrastructure unscathed after holiday cyber warnings
Nov. 30, 2021
Crypto becoming the preferred currency of cybercriminals and rogue governments
Nov. 24, 2021
GoDaddy breach raises questions about how to secure identity in the enterprise
Nov. 23, 2021
Enterprises prepare for ransomware threats during Thanksgiving
Nov. 22, 2021
30K Microsoft Exchange Servers remain vulnerable to new tactics
Nov. 18, 2021
Companies urged to alert federal law enforcement in ransomware cases
Nov. 17, 2021
Threat actor breaches HPE's Aruba Central via data repository access key
Nov. 16, 2021
Banks outpace other industries in cyber investments, defense strategies: report
Nov. 15, 2021
A year after SolarWinds, third-party risk still threatens the software supply chain
Nov. 12, 2021
US backs Paris-led effort on cybersecurity cooperation
Nov. 11, 2021
Trust is becoming a CISO priority, boosts customer stickiness
Nov. 10, 2021
DOJ unveils charges, money seizures in multinational crackdown against REvil
Nov. 9, 2021
Pentagon revamps CMMC program to help SMBs meet compliance standards
Nov. 5, 2021
Sinclair Broadcast still assessing financial impact of ransomware attack
Nov. 4, 2021
Ransomware actors attempt to toy with stock valuation, disrupt M&A, FBI says
Nov. 3, 2021
Most companies dealing with employee misuse of business apps: report
Nov. 2, 2021
SolarWinds threat actor targets cloud services, Microsoft 365 mailboxes
Nov. 1, 2021
Twitter eyes phishing deterrence with security key rollout
Oct. 29, 2021
Corporate boards, C-suite finally prioritize cyber after years of business risk
Oct. 27, 2021
Supply chain attacks lift debate on how to manage software vulnerabilities
Oct. 21, 2021
Sinclair Broadcast becomes latest media group to face ransomware attack
Oct. 19, 2021
Federal agencies warn of ransomware targeting water, wastewater treatment plants
Oct. 18, 2021
Ransomware summit takeaways: Pledges to disrupt safe havens, money laundering
Oct. 15, 2021
Biden administration seeks international progress on ransomware fight
Oct. 14, 2021
Cybersecurity tool sprawl leading to burnout, false positives: report
Oct. 13, 2021
War room preparation key to ransomware response, experts say
Oct. 11, 2021
DOJ cracks down on ransomware with cyber task force, civil fraud initiative
Oct. 7, 2021
Insider threat environment faces challenges amid changing corporate landscape
Oct. 6, 2021
Top global companies falling short in protecting domain security
Oct. 5, 2021
REvil, DarkSide highlight surge in Q2 ransomware attacks: report
Oct. 4, 2021
Threat actors more frequently — and successfully — target Active Directory
Sept. 30, 2021
Microsoft, under attack from threat actors, positions itself as cyber guardian
Sept. 29, 2021
Microsoft warns of new credential-stealing backdoor from SolarWinds threat actor
Sept. 28, 2021
Ransomware compromises customer data in farm co-op attack
Sept. 23, 2021
Enterprises plan major investments as remote work escalates security risk: report
Sept. 22, 2021
BlackMatter gang targets Iowa agriculture cooperative in a test of critical infrastructure
Sept. 21, 2021
Companies must develop operational plan for ransomware recovery
Sept. 17, 2021
Boards rethink incident response playbook as ransomware surges
Sept. 15, 2021
Executives fail to make software supply chain security a priority, report finds
Sept. 14, 2021
Fortinet credential drop linked to fissure in ransomware group
Sept. 10, 2021
InfoSec teams under pressure to compromise security for productivity: report
Sept. 9, 2021
Exploits underway for Microsoft zero day leveraging Office documents
Sept. 8, 2021
Cybersecurity discussion growing in regulatory filings
Sept. 8, 2021
Neuberger amplifies Labor Day ransomware fears
Sept. 3, 2021
Machine identity remains a mystery, threatening digital security
Sept. 2, 2021
Ransomware capitalizes on holiday weekends. Feds urge vigilance over Labor Day
Sept. 1, 2021
Azure flaw exposes enterprise databases, raising questions on cloud security
Aug. 30, 2021
Facility management worried about OT cybersecurity, but few plan to fix it
Aug. 27, 2021
More threats target Linux, a foundation for the cloud, report finds
Aug. 25, 2021
Microsoft Exchange vulnerabilities targeted in ProxyShell attacks
Aug. 24, 2021
Men more likely to engage in risky online behavior: report
Aug. 20, 2021
Up to 83M IoT devices at risk of remote access
Aug. 18, 2021
How much does phishing really cost the enterprise?
Aug. 17, 2021
Insider risk surges as resignations mount
Aug. 13, 2021
Criminal middlemen administer access to privileged accounts
Aug. 12, 2021
APT actors target Microsoft 365 using novel techniques
Aug. 6, 2021
Decade-old router flaw allows cross-network access, Tenable finds
Aug. 4, 2021
Ransomware, supply chain attacks put cyber insurers on notice
July 28, 2021
OT cyberattacks could threaten human safety by 2025: Gartner
July 26, 2021
No ransom paid to obtain decryptor, Kaseya says
July 23, 2021
Lack of visibility leaves critical infrastructure vulnerable to ransomware
July 22, 2021
White House ties cyberattacks to China, but private sector awaits stronger action
July 20, 2021
WFH shift tests resilience of financial services amid surge in phishing, ransomware
July 16, 2021
Behind the Firewall: How 6 security execs screen vendors
July 16, 2021
Kaseya restores SaaS monitoring service after REvil ransomware attack
July 12, 2021
Kaseya: What's known (and unknown) about the ransomware attack
July 9, 2021
Kaseya postpones service restoration, apologizes for attack
July 8, 2021
Kaseya misses first attempt to restore SaaS following REvil attack
July 7, 2021
Kaseya wrestles with service restoration following supply chain attack
July 6, 2021
Ransomware attack against Kaseya creates rippling supply chain compromise
July 2, 2021
Cloud targeted in widespread brute force campaign
July 2, 2021
Cobalt Strike rising in prominence among criminal threat actors
July 1, 2021
Critical goods industries face existential ransomware decisions
June 30, 2021
Spoofing, spear phishing dominate BEC attacks: report
June 29, 2021
Microsoft customer service agent briefly hit by fresh Nobelium attacks
June 28, 2021
Behind the Firewall: How 5 cyber execs got started in security
June 25, 2021
Gaps in DOD supply chain leave Pentagon vulnerable: report
June 24, 2021
Infosec execs still lack direct access to the CEO: study
June 22, 2021
Attacks against container supply chains grow more sophisticated
June 21, 2021
Critical infrastructure sites face greater cyberthreat amid remote connectivity
June 18, 2021
Biden confronts Putin on cyberattacks, private sector optimistic
June 17, 2021
CISOs, CIOs see heightened mobile security threat amid shift to hybrid
June 16, 2021
Patched Microsoft Teams vulnerability shows the delicacy of messaging platforms
June 15, 2021
Codecov to sunset Bash Uploader following April supply chain attack
June 14, 2021
Behind the Firewall: How 9 execs implement cybersecurity at home
June 11, 2021
Colonial CEO defends oversight response, urges transparency on ransomware
June 10, 2021
Colonial CEO says ransomware hackers exploited legacy VPN
June 9, 2021
Apple's privacy, security features seen as favorable to enterprise remote work
June 8, 2021
Data breaches, poor cyber practices raise cost of borrowing: study
June 7, 2021
CISOs earn higher profile with remote work, evolving threats
June 3, 2021
Phishing attack against US government, NGOs shakes assumptions on containment
June 2, 2021
APT actors ramp up cyber campaign targeting Pulse Secure VPNs
May 28, 2021
Behind the Firewall: 4 cyber executives on security disasters they avoided
May 28, 2021
Compromised cloud costs companies $6.2M annually, study finds
May 27, 2021
Threat actors scan for vulnerabilities faster than enterprises can respond: Palo Alto
May 26, 2021
Off-the-shelf tools, unsophisticated techniques threaten industrial systems
May 25, 2021
Ransomware seen as top cyberthreat as extortion demands, payouts soar
May 24, 2021
SolarWinds CEO extends hack timeline, rethinks intern blame
May 20, 2021
White House to take proactive role in ransomware fight
May 19, 2021
AI will change scale and scope of hacking, security expert says
May 18, 2021
Ransomware fears escalate as Irish health service, Toshiba unit targeted
May 14, 2021
Colonial Pipeline begins fuel delivery relaunch after ransomware attack
May 13, 2021
Colonial Pipeline disconnects OT systems to silo ransomware IT threat
May 12, 2021
Critical infrastructure flaws surface after years of underinvestment, inaction
May 11, 2021
Colonial Pipeline attack embodies security risk to nation's critical infrastructure
May 10, 2021
VPN vulnerabilities haunt defense industry as threat actors find new openings
May 10, 2021
Targeted industrial control systems add cautionary flag to cyber defense strategies
May 6, 2021
Cyberthreats dog the US supply chain, complicated by global competition
May 5, 2021
Password managers are a necessary — yet vulnerable — last line of defense
May 4, 2021
XDR to succeed legacy technologies as emerging threats pressure security
May 3, 2021
First Horizon breach highlights rising threats against financial institutions
April 29, 2021
Passwordstate customers targeted with new round of phishing attacks
April 29, 2021
Work from home means far less security visibility, report says
April 28, 2021
Cyberattack on Passwordstate tests confidence in password managers
April 27, 2021
Codecov hack — likened to SolarWinds — targets software supply chain
April 23, 2021
Attackers leverage Pulse Secure VPNs to target defense, financial industries
April 22, 2021
CISOs call for holistic enterprise approach to third-party security risk
April 21, 2021
Companies take second look at third-party risk management programs
April 20, 2021
US companies plot return to office, raising questions on hybrid security
April 19, 2021
Poor management of privileged accounts leaves organizations open to attack
April 15, 2021
Feds launch coordinated effort to mitigate remaining Microsoft Exchange flaws
April 14, 2021
Half of business continuity changes hurt cybersecurity, study shows
April 12, 2021
Enterprise security leaders fear rising AI use among threat actors: report
April 9, 2021
VPN security falls short as demand increases for remote workforce at scale
April 7, 2021
Employees can't quit habit of writing down, sharing passwords
April 6, 2021
Enterprises lag on firmware security spending in face of rising threat
April 1, 2021
Molson Coors incident shines a light on industrial cyberattack vulnerabilities
March 30, 2021
Security leaders: Expect more insider data leaks, threats in 2021
March 29, 2021
Babuk ransomware group emerges with new claims against US companies
March 26, 2021
Remote work gives rise to more executive credential theft
March 25, 2021
Threat data sharing considered critical to defense amid rise in sophisticated attacks: report
March 24, 2021
Spending on IAM, zero trust to rise as companies extend remote work
March 23, 2021
SolarWinds threat actors accessing Microsoft 365 by altering permissions
March 22, 2021
Microsoft Exchange fixes arrive, but some companies lack IT resources to repair
March 19, 2021
Mimecast migrates to Cisco following supply chain attack
March 17, 2021
White House looks to tighten private sector coordination, gain infrastructure insight
March 15, 2021
Microsoft deploys more updates to contain Exchange server fallout
March 12, 2021
Enterprises scramble to secure Microsoft Exchange as cybercriminals rush in
March 10, 2021
Microsoft Exchange server compromise escalates as mitigation efforts fall short
March 8, 2021
3 new malware strains show persistence, sophistication of SolarWinds actor
March 5, 2021
Qualys confirms data breach related to Accellion after documents leak
March 4, 2021
Malicious email campaigns target business platforms following remote work surge
March 4, 2021
Exploited Microsoft Exchange campaign hits hundreds of organizations, researchers find
March 3, 2021
Companies overestimate ability to manage remote worker security
March 2, 2021
Google Cloud enters cyber insurance collaboration with Allianz, Munich Re
March 2, 2021
SolarWinds missed early security warnings
March 1, 2021
SolarWinds execs warn of short-term impacts from cyberattack, as renewal rates slow
Feb. 26, 2021
Researchers find vulnerabilities inside multiple virtual event, business platforms
Feb. 25, 2021
Senate SolarWinds hearing turns attention to breach notification laws, intel sharing
Feb. 24, 2021
Apple faces malware threats as it makes an enterprise push
Feb. 23, 2021
Microsoft says it was not a SolarWinds attack vector, after completing internal probe
Feb. 19, 2021
Water system hack reveals thousands of organizations vulnerable to Window 7 exposure
Feb. 19, 2021
Ransomware, poor security drove spike in healthcare breaches in 2020
Feb. 17, 2021
Organizations running SolarWinds Orion online drops 25% since December: report
Feb. 12, 2021
White House taps Neuberger to lead SolarWinds government response
Feb. 11, 2021
SolarWinds fallout turns security eye to Microsoft Office 365
Feb. 9, 2021
Mimecast to cut 4% of workforce in restructuring as breach probe continues
Feb. 4, 2021
FireEye reports record revenue in first report since Red Team hack
Feb. 3, 2021
Supply chain attacks could open up vendor competition, Moody's says
Feb. 2, 2021
Supply chain attacks renew focus on limiting privileged access to cloud data
Jan. 29, 2021
Cyberattacks cost financial firms $4.7M on average last year: report
Jan. 28, 2021
Biden campaign cyber chief named federal CISO
Jan. 27, 2021
Privacy investments mitigate security losses, report finds
Jan. 26, 2021
Cyberthreat trends in the remote work landscape
Jan. 25, 2021
Cyber defense panel sees more private sector coordination following SolarWinds
Jan. 20, 2021
Malwarebytes attack linked to SolarWinds' nation-state actors, CEO says
Jan. 20, 2021
Financial services companies embrace cloud as security concerns grow
Jan. 15, 2021
Mimecast attributes supply chain attack to SolarWinds' hackers
Jan. 14, 2021
With cyber bureau, State Department brings diplomacy to threat landscape
Jan. 11, 2021
SolarWinds attack leads to renewed focus on IT relationships with corporate boards
Jan. 7, 2021
Federal task force says Russia likely actor behind SolarWinds attack
Jan. 5, 2021
Fast-growing gaming industry faces rising threat of account compromise
Jan. 5, 2021
Full impact of SolarWinds attack begins to emerge across tech sector, federal agencies
Dec. 23, 2020
SolarWinds breach reminds companies to be proactive in managing trust, disclosure
Dec. 22, 2020
Tracking SolarWinds cyberattack fallout, play-by-play
Dec. 18, 2020
After years in the lab, IBM ready to take homomorphic encryption into the mainstream
Dec. 18, 2020
FireEye killswitch stops SolarWinds hack
Dec. 16, 2020
SolarWinds Orion vulnerability: What security teams need to know
Dec. 15, 2020
IT execs face growing pressure to balance security with productivity
Dec. 14, 2020
SolarWinds Orion flaw linked to government cyberattacks
Dec. 14, 2020
Federal agencies warn of heightened cyberthreats against K-12 schools
Dec. 11, 2020
NSA calls out Russia-backed exploit of VMware virtual workspace platform
Dec. 8, 2020
Kmart's reported ransomware attack highlights ongoing threat to retail
Dec. 4, 2020
IoT cyber bill clears Congress — what's next for industry players?
Dec. 3, 2020
Proactive technology upgrades prevent security nightmares, report finds
Dec. 1, 2020
Sharp rise in IT spending as cyberthreats evolve, Crowdstrike finds
Nov. 25, 2020
Home Depot codifies data reforms in $17.5M breach settlement with states
Nov. 25, 2020
Defense industry CISOs prepare for cybersecurity compliance audits
Nov. 23, 2020
Carnegie researchers seek urgent action to combat financial cyberthreats
Nov. 20, 2020
Famed hacker Mudge to lead Twitter security after summer of attacks
Nov. 17, 2020
Voice, SMS not secure enough for multifactor authentication, Microsoft says
Nov. 16, 2020
Biden faces scrutiny on key appointments and policy priorities on privacy, cybersecurity
Nov. 13, 2020
Cybersecurity hiring spikes as pandemic forces global workforce restructuring
Nov. 11, 2020

Industry Dive is an Informa TechTarget business.

This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.

Get Cybersecurity Dive in your inbox

The free newsletter covering the top industry headlines

Select user consent: By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at anytime.