David Jones

213 articles by David Jones

• Log4j raises cyber risk for public finance entities, Fitch warns

  Jan. 19, 2022

• Cobalt Strike targets VMware Horizon after UK warnings of Log4Shell threats

  Jan. 18, 2022

• Big tech pushes White House for open source funding, standards after Log4j

  Jan. 14, 2022

• FCC seeks stronger breach reporting rules for telecoms

  Jan. 13, 2022

• Log4j threat activity limited, but CISA says actors lay in wait

  Jan. 11, 2022

• Log4Shell threat activity targeting VMware Horizon, UK researchers warn

  Jan. 10, 2022

• Can SOAR technology help SOCs regain the advantage in threat detection?

  Jan. 7, 2022

• FTC threatens enforcement on firms lax about Log4j vulnerability

  Jan. 5, 2022

• Log4j activity expected to play out well into 2022

  Jan. 4, 2022

• US allies call for Log4j vigilance as organizations struggle to detect vulnerabilities

  Dec. 23, 2021

• Organizations still downloading vulnerable Log4j versions

  Dec. 22, 2021

• Federal authorities brace for long holiday as Log4j threat activity rises

  Dec. 20, 2021

• Log4j: What we know (and what's yet to come)

  Dec. 17, 2021

• Log4j attacks poised to rise as threat actors search for attack vectors

  Dec. 16, 2021

• Log4j threat expands as second vulnerability emerges and nation states pounce

  Dec. 15, 2021

• Log4j under siege, millions of devices vulnerable

  Dec. 14, 2021

• Federal authorities, technology vendors race to contain Log4j vulnerability

  Dec. 13, 2021

• Is the security of legacy IT providers prompting a confidence crisis?

  Dec. 8, 2021

• A year later, Nobelium-linked threat actors still target businesses, government

  Dec. 6, 2021

• Insurer Lloyd's slashes coverage on state-sponsored cyberattacks, reflecting battered market

  Dec. 3, 2021

• Majority of US retailers, critical infrastructure unscathed after holiday cyber warnings

  Nov. 30, 2021

• Crypto becoming the preferred currency of cybercriminals and rogue governments

  Nov. 24, 2021

• GoDaddy breach raises questions about how to secure identity in the enterprise

  Nov. 23, 2021

• Enterprises prepare for ransomware threats during Thanksgiving

  Nov. 22, 2021

• 30K Microsoft Exchange Servers remain vulnerable to new tactics

  Nov. 18, 2021

• Companies urged to alert federal law enforcement in ransomware cases

  Nov. 17, 2021

• Threat actor breaches HPE's Aruba Central via data repository access key

  Nov. 16, 2021

• Banks outpace other industries in cyber investments, defense strategies: report

  Nov. 15, 2021

• A year after SolarWinds, third-party risk still threatens the software supply chain

  Nov. 12, 2021

• US backs Paris-led effort on cybersecurity cooperation

  Nov. 11, 2021

• Trust is becoming a CISO priority, boosts customer stickiness

  Nov. 10, 2021

• DOJ unveils charges, money seizures in multinational crackdown against REvil

  Nov. 9, 2021

• Pentagon revamps CMMC program to help SMBs meet compliance standards

  Nov. 5, 2021

• Sinclair Broadcast still assessing financial impact of ransomware attack

  Nov. 4, 2021

• Ransomware actors attempt to toy with stock valuation, disrupt M&A, FBI says

  Nov. 3, 2021

• Most companies dealing with employee misuse of business apps: report

  Nov. 2, 2021

• SolarWinds threat actor targets cloud services, Microsoft 365 mailboxes

  Nov. 1, 2021

• Twitter eyes phishing deterrence with security key rollout

  Oct. 29, 2021

• Corporate boards, C-suite finally prioritize cyber after years of business risk

  Oct. 27, 2021

• Supply chain attacks lift debate on how to manage software vulnerabilities

  Oct. 21, 2021

• Sinclair Broadcast becomes latest media group to face ransomware attack

  Oct. 19, 2021

• Federal agencies warn of ransomware targeting water, wastewater treatment plants

  Oct. 18, 2021

• Ransomware summit takeaways: Pledges to disrupt safe havens, money laundering

  Oct. 15, 2021

• Biden administration seeks international progress on ransomware fight

  Oct. 14, 2021

• Cybersecurity tool sprawl leading to burnout, false positives: report

  Oct. 13, 2021

• War room preparation key to ransomware response, experts say

  Oct. 11, 2021

• DOJ cracks down on ransomware with cyber task force, civil fraud initiative

  Oct. 7, 2021

• Insider threat environment faces challenges amid changing corporate landscape

  Oct. 6, 2021

• Top global companies falling short in protecting domain security

  Oct. 5, 2021

• REvil, DarkSide highlight surge in Q2 ransomware attacks: report

  Oct. 4, 2021

• Threat actors more frequently — and successfully — target Active Directory

  Sept. 30, 2021

• Microsoft, under attack from threat actors, positions itself as cyber guardian

  Sept. 29, 2021

• Microsoft warns of new credential-stealing backdoor from SolarWinds threat actor

  Sept. 28, 2021

• Ransomware compromises customer data in farm co-op attack

  Sept. 23, 2021

• Enterprises plan major investments as remote work escalates security risk: report

  Sept. 22, 2021

• BlackMatter gang targets Iowa agriculture cooperative in a test of critical infrastructure

  Sept. 21, 2021

• Companies must develop operational plan for ransomware recovery

  Sept. 17, 2021

• Boards rethink incident response playbook as ransomware surges

  Sept. 15, 2021

• Executives fail to make software supply chain security a priority, report finds

  Sept. 14, 2021

• Fortinet credential drop linked to fissure in ransomware group

  Sept. 10, 2021

• InfoSec teams under pressure to compromise security for productivity: report

  Sept. 9, 2021

• Exploits underway for Microsoft zero day leveraging Office documents

  Sept. 8, 2021

• Cybersecurity discussion growing in regulatory filings

  Sept. 8, 2021

• Neuberger amplifies Labor Day ransomware fears

  Sept. 3, 2021

• Machine identity remains a mystery, threatening digital security

  Sept. 2, 2021

• Ransomware capitalizes on holiday weekends. Feds urge vigilance over Labor Day

  Sept. 1, 2021

• Azure flaw exposes enterprise databases, raising questions on cloud security

  Aug. 30, 2021

• Facility management worried about OT cybersecurity, but few plan to fix it

  Aug. 27, 2021

• More threats target Linux, a foundation for the cloud, report finds

  Aug. 25, 2021

• Microsoft Exchange vulnerabilities targeted in ProxyShell attacks

  Aug. 24, 2021

• Men more likely to engage in risky online behavior: report

  Aug. 20, 2021

• Up to 83M IoT devices at risk of remote access

  Aug. 18, 2021

• How much does phishing really cost the enterprise?

  Aug. 17, 2021

• Insider risk surges as resignations mount

  Aug. 13, 2021

• Criminal middlemen administer access to privileged accounts

  Aug. 12, 2021

• APT actors target Microsoft 365 using novel techniques

  Aug. 6, 2021

• Decade-old router flaw allows cross-network access, Tenable finds

  Aug. 4, 2021

• Ransomware, supply chain attacks put cyber insurers on notice

  July 28, 2021

• OT cyberattacks could threaten human safety by 2025: Gartner

  July 26, 2021

• No ransom paid to obtain decryptor, Kaseya says

  July 23, 2021

• Lack of visibility leaves critical infrastructure vulnerable to ransomware

  July 22, 2021

• White House ties cyberattacks to China, but private sector awaits stronger action

  July 20, 2021

• WFH shift tests resilience of financial services amid surge in phishing, ransomware

  July 16, 2021

• Behind the Firewall: How 6 security execs screen vendors

  July 16, 2021

• Kaseya restores SaaS monitoring service after REvil ransomware attack

  July 12, 2021

• Kaseya: What's known (and unknown) about the ransomware attack

  July 9, 2021

• Kaseya postpones service restoration, apologizes for attack

  July 8, 2021

• Kaseya misses first attempt to restore SaaS following REvil attack

  July 7, 2021

• Kaseya wrestles with service restoration following supply chain attack

  July 6, 2021

• Ransomware attack against Kaseya creates rippling supply chain compromise

  July 2, 2021

• Cloud targeted in widespread brute force campaign

  July 2, 2021

• Cobalt Strike rising in prominence among criminal threat actors

  July 1, 2021

• Critical goods industries face existential ransomware decisions

  June 30, 2021

• Spoofing, spear phishing dominate BEC attacks: report

  June 29, 2021

• Microsoft customer service agent briefly hit by fresh Nobelium attacks

  June 28, 2021

• Behind the Firewall: How 5 cyber execs got started in security

  June 25, 2021

• Gaps in DOD supply chain leave Pentagon vulnerable: report

  June 24, 2021

• Infosec execs still lack direct access to the CEO: study

  June 22, 2021

• Attacks against container supply chains grow more sophisticated

  June 21, 2021

• Critical infrastructure sites face greater cyberthreat amid remote connectivity

  June 18, 2021

• Biden confronts Putin on cyberattacks, private sector optimistic

  June 17, 2021

• CISOs, CIOs see heightened mobile security threat amid shift to hybrid

  June 16, 2021

• Patched Microsoft Teams vulnerability shows the delicacy of messaging platforms

  June 15, 2021

• Codecov to sunset Bash Uploader following April supply chain attack

  June 14, 2021

• Behind the Firewall: How 9 execs implement cybersecurity at home

  June 11, 2021

• Colonial CEO defends oversight response, urges transparency on ransomware

  June 10, 2021

• Colonial CEO says ransomware hackers exploited legacy VPN

  June 9, 2021

• Apple's privacy, security features seen as favorable to enterprise remote work

  June 8, 2021

• Data breaches, poor cyber practices raise cost of borrowing: study

  June 7, 2021

• CISOs earn higher profile with remote work, evolving threats

  June 3, 2021

• Phishing attack against US government, NGOs shakes assumptions on containment

  June 2, 2021

• APT actors ramp up cyber campaign targeting Pulse Secure VPNs

  May 28, 2021

• Behind the Firewall: 4 cyber executives on security disasters they avoided

  May 28, 2021

• Compromised cloud costs companies $6.2M annually, study finds

  May 27, 2021

• Threat actors scan for vulnerabilities faster than enterprises can respond: Palo Alto

  May 26, 2021

• Off-the-shelf tools, unsophisticated techniques threaten industrial systems

  May 25, 2021

• Ransomware seen as top cyberthreat as extortion demands, payouts soar

  May 24, 2021

• SolarWinds CEO extends hack timeline, rethinks intern blame

  May 20, 2021

• White House to take proactive role in ransomware fight

  May 19, 2021

• AI will change scale and scope of hacking, security expert says

  May 18, 2021

• Ransomware fears escalate as Irish health service, Toshiba unit targeted

  May 14, 2021

• Colonial Pipeline begins fuel delivery relaunch after ransomware attack

  May 13, 2021

• Colonial Pipeline disconnects OT systems to silo ransomware IT threat

  May 12, 2021

• Critical infrastructure flaws surface after years of underinvestment, inaction

  May 11, 2021

• Colonial Pipeline attack embodies security risk to nation's critical infrastructure

  May 10, 2021

• VPN vulnerabilities haunt defense industry as threat actors find new openings

  May 10, 2021

• Targeted industrial control systems add cautionary flag to cyber defense strategies

  May 6, 2021

• Cyberthreats dog the US supply chain, complicated by global competition

  May 5, 2021

• Password managers are a necessary — yet vulnerable — last line of defense

  May 4, 2021

• XDR to succeed legacy technologies as emerging threats pressure security

  May 3, 2021

• First Horizon breach highlights rising threats against financial institutions

  April 29, 2021

• Passwordstate customers targeted with new round of phishing attacks

  April 29, 2021

• Work from home means far less security visibility, report says

  April 28, 2021

• Cyberattack on Passwordstate tests confidence in password managers

  April 27, 2021

• Codecov hack — likened to SolarWinds — targets software supply chain

  April 23, 2021

• Attackers leverage Pulse Secure VPNs to target defense, financial industries

  April 22, 2021

• CISOs call for holistic enterprise approach to third-party security risk

  April 21, 2021

• Companies take second look at third-party risk management programs

  April 20, 2021

• US companies plot return to office, raising questions on hybrid security

  April 19, 2021

• Poor management of privileged accounts leaves organizations open to attack

  April 15, 2021

• Feds launch coordinated effort to mitigate remaining Microsoft Exchange flaws

  April 14, 2021

• Half of business continuity changes hurt cybersecurity, study shows

  April 12, 2021

• Enterprise security leaders fear rising AI use among threat actors: report

  April 9, 2021

• VPN security falls short as demand increases for remote workforce at scale

  April 7, 2021

• Employees can't quit habit of writing down, sharing passwords

  April 6, 2021

• Enterprises lag on firmware security spending in face of rising threat

  April 1, 2021

• Molson Coors incident shines a light on industrial cyberattack vulnerabilities

  March 30, 2021

• Security leaders: Expect more insider data leaks, threats in 2021

  March 29, 2021

• Babuk ransomware group emerges with new claims against US companies

  March 26, 2021

• Remote work gives rise to more executive credential theft

  March 25, 2021

• Threat data sharing considered critical to defense amid rise in sophisticated attacks: report

  March 24, 2021

• Spending on IAM, zero trust to rise as companies extend remote work

  March 23, 2021

• SolarWinds threat actors accessing Microsoft 365 by altering permissions

  March 22, 2021

• Microsoft Exchange fixes arrive, but some companies lack IT resources to repair

  March 19, 2021

• Mimecast migrates to Cisco following supply chain attack

  March 17, 2021

• White House looks to tighten private sector coordination, gain infrastructure insight

  March 15, 2021

• Microsoft deploys more updates to contain Exchange server fallout

  March 12, 2021

• Enterprises scramble to secure Microsoft Exchange as cybercriminals rush in

  March 10, 2021

• Microsoft Exchange server compromise escalates as mitigation efforts fall short

  March 8, 2021

• 3 new malware strains show persistence, sophistication of SolarWinds actor

  March 5, 2021

• Qualys confirms data breach related to Accellion after documents leak

  March 4, 2021

• Malicious email campaigns target business platforms following remote work surge

  March 4, 2021

• Exploited Microsoft Exchange campaign hits hundreds of organizations, researchers find

  March 3, 2021

• Companies overestimate ability to manage remote worker security

  March 2, 2021

• Google Cloud enters cyber insurance collaboration with Allianz, Munich Re

  March 2, 2021

• SolarWinds missed early security warnings

  March 1, 2021

• SolarWinds execs warn of short-term impacts from cyberattack, as renewal rates slow

  Feb. 26, 2021

• Researchers find vulnerabilities inside multiple virtual event, business platforms

  Feb. 25, 2021

• Senate SolarWinds hearing turns attention to breach notification laws, intel sharing

  Feb. 24, 2021

• Apple faces malware threats as it makes an enterprise push

  Feb. 23, 2021

• Microsoft says it was not a SolarWinds attack vector, after completing internal probe

  Feb. 19, 2021

• Water system hack reveals thousands of organizations vulnerable to Window 7 exposure

  Feb. 19, 2021

• Ransomware, poor security drove spike in healthcare breaches in 2020

  Feb. 17, 2021

• Organizations running SolarWinds Orion online drops 25% since December: report

  Feb. 12, 2021

• White House taps Neuberger to lead SolarWinds government response

  Feb. 11, 2021

• SolarWinds fallout turns security eye to Microsoft Office 365

  Feb. 9, 2021

• Mimecast to cut 4% of workforce in restructuring as breach probe continues

  Feb. 4, 2021

• FireEye reports record revenue in first report since Red Team hack

  Feb. 3, 2021

• Supply chain attacks could open up vendor competition, Moody's says

  Feb. 2, 2021

• Supply chain attacks renew focus on limiting privileged access to cloud data

  Jan. 29, 2021

• Cyberattacks cost financial firms $4.7M on average last year: report

  Jan. 28, 2021

• Biden campaign cyber chief named federal CISO

  Jan. 27, 2021

• Privacy investments mitigate security losses, report finds

  Jan. 26, 2021

• Cyberthreat trends in the remote work landscape

  Jan. 25, 2021

• Cyber defense panel sees more private sector coordination following SolarWinds

  Jan. 20, 2021

• Malwarebytes attack linked to SolarWinds' nation-state actors, CEO says

  Jan. 20, 2021

• Financial services companies embrace cloud as security concerns grow

  Jan. 15, 2021

• Mimecast attributes supply chain attack to SolarWinds' hackers

  Jan. 14, 2021

• With cyber bureau, State Department brings diplomacy to threat landscape

  Jan. 11, 2021

• SolarWinds attack leads to renewed focus on IT relationships with corporate boards

  Jan. 7, 2021

• Federal task force says Russia likely actor behind SolarWinds attack

  Jan. 5, 2021

• Fast-growing gaming industry faces rising threat of account compromise

  Jan. 5, 2021

• Full impact of SolarWinds attack begins to emerge across tech sector, federal agencies

  Dec. 23, 2020

• SolarWinds breach reminds companies to be proactive in managing trust, disclosure

  Dec. 22, 2020

• Tracking SolarWinds cyberattack fallout, play-by-play

  Dec. 18, 2020

• After years in the lab, IBM ready to take homomorphic encryption into the mainstream

  Dec. 18, 2020

• FireEye killswitch stops SolarWinds hack

  Dec. 16, 2020

• SolarWinds Orion vulnerability: What security teams need to know

  Dec. 15, 2020

• IT execs face growing pressure to balance security with productivity

  Dec. 14, 2020

• SolarWinds Orion flaw linked to government cyberattacks

  Dec. 14, 2020

• Federal agencies warn of heightened cyberthreats against K-12 schools

  Dec. 11, 2020

• NSA calls out Russia-backed exploit of VMware virtual workspace platform

  Dec. 8, 2020

• Kmart's reported ransomware attack highlights ongoing threat to retail

  Dec. 4, 2020

• IoT cyber bill clears Congress — what's next for industry players?

  Dec. 3, 2020

• Proactive technology upgrades prevent security nightmares, report finds

  Dec. 1, 2020

• Sharp rise in IT spending as cyberthreats evolve, Crowdstrike finds

  Nov. 25, 2020

• Home Depot codifies data reforms in $17.5M breach settlement with states

  Nov. 25, 2020

• Defense industry CISOs prepare for cybersecurity compliance audits

  Nov. 23, 2020

• Carnegie researchers seek urgent action to combat financial cyberthreats

  Nov. 20, 2020

• Famed hacker Mudge to lead Twitter security after summer of attacks

  Nov. 17, 2020

• Voice, SMS not secure enough for multifactor authentication, Microsoft says

  Nov. 16, 2020

• Biden faces scrutiny on key appointments and policy priorities on privacy, cybersecurity

  Nov. 13, 2020

• Cybersecurity hiring spikes as pandemic forces global workforce restructuring

  Nov. 11, 2020