• Image attribution tooltip
    Permission granted by Gartner
    Sponsored by Gartner Peer Insights

    Cybersecurity quarterly benchmarks: Q1, 2022

    Gartner Peer Insights data and opinions run the gamut on cybersecurity maturity, budgets, and initiatives.

    May 2, 2022
  • Image attribution tooltip
    Getty / edited by Healthcare Dive

    Tenet says 'cybersecurity incident' disrupted hospital operations

    The for-profit health system has restored most critical functions, while affected facilities are starting to resume normal operations.

    By Rebecca Pifer • April 27, 2022
  • Image attribution tooltip
    sefa ozel via Getty Images

    Okta says 2.5% of customers breached, as Lapsus$ sows disorder

    Threat researchers say Lapsus$, active on social media, revels in the spotlight. Okta's CSO called the breach screenshots "embarrassing." 

    By March 23, 2022
  • Image attribution tooltip
    Spencer Platt / Staff via Getty Images

    NYC transit worker alleges pay violations after Kronos ransomware disruption

    The Metropolitan Transit Authority paid straight-time wages in a timely manner, the suit said, but it reportedly skipped overtime payments.

    By Kate Tornone , Feb. 15, 2022
  • Image attribution tooltip
    Laurence Dutton via Getty Images

    Cybersecurity outlook for 2022

    Nation-state cyberthreats and Log4j have the security community on high alert; organizations need to master response and remediation.  

    By Feb. 14, 2022
  • Image attribution tooltip

    Sponsored by Enzoic

    In 2022, you can no longer afford to ignore credential security

    Credentials are among the most sought-after targets by hackers due to the low risk and high rewards.

    Jan. 31, 2022
  • Image attribution tooltip
    Poike via Getty Images

    NY attorney general probes widespread credential stuffing, 17 companies affected

    The OAG worked with the impacted companies to uncover how threat actors bypassed security safeguards, which led almost all the companies to strengthen security controls.

    By Samantha Schwartz • Jan. 6, 2022
  • Image attribution tooltip
    Just_Super via Getty Images

    Threat actor breaches HPE's Aruba Central via data repository access key

    As more enterprise data moves to the cloud, security and data privacy remain paramount concerns. 

    By Nov. 16, 2021
  • Image attribution tooltip
    Jeenah Moon via Getty Images

    SolarWinds threat actor targeted IT service providers in thousands of attacks, Microsoft says

    The campaign from the Russian nation-state threat actor Nobelium was caught early, but there were at least 14 compromises involving password spraying and phishing to gain access.

    By Samantha Schwartz • Oct. 25, 2021
  • Image attribution tooltip
    Mark Wilson via Getty Images

    Ripple effects from a cyber incident take a year to develop: report

    Organizations are likely to both generate and suffer the downstream consequences of cyber incidents because of the technological reliance companies have on one another.

    By Samantha Schwartz • Sept. 27, 2021
  • Image attribution tooltip
    Carol Highsmith. (2005). "Apex Bldg." [Photo]. Retrieved from Wikimedia Commons.

    FTC warns app makers fall under breach notification rule

    A breach must be reported regardless of whether it was the result of malicious action, the agency said. Any unauthorized access, including sharing information without consent, would trigger the rule.

    By Shannon Muchmore • Sept. 17, 2021
  • Image attribution tooltip
    David Ramos via Getty Images

    Cybersecurity discussion growing in regulatory filings

    A surge in ransomware combined with an increase in M&A activity is raising the profile of cybersecurity as a key discussion point in public filings and discussions with investors. 

    By Sept. 8, 2021
  • Image attribution tooltip

    Sponsored by Code42

    Are you ready for the second wave of digital transformation?

    In the second wave of digital transformation, understanding Insider Risk is more important than ever.  

    Sept. 7, 2021
  • Image attribution tooltip
    Jeenah Moon via Getty Images

    Azure flaw exposes enterprise databases, raising questions on cloud security

    The flaw dates back to 2019, when Microsoft added a data-visualization feature called Jupyter Notebook to the Cosmos DB, Wiz researchers said.

    By Aug. 30, 2021
  • Image attribution tooltip
    Justin Sullivan/Getty Images via Getty Images

    T-Mobile closes breach entry point, adds consultants to fix security holes

    The hacker's goal was to gain customer data, and "they succeeded," CEO Mike Sievert said in a statement Friday.

    By Samantha Schwartz • Aug. 27, 2021
  • Image attribution tooltip
    Leon Neal via Getty Images

    Credential stuffing: the data availability problem

    If data is the valuable asset locked away for safekeeping, credentials are key to opening the vault. For threat actors, the real value of credentials is that they offer access without trace.

    By Sue Poremba • Aug. 23, 2021
  • Image attribution tooltip
    Justin Sullivan/Getty Images via Getty Images

    T-Mobile: Understanding the latest in the carrier's string of data breaches

    The breach, affecting more than 54 million individuals, is the company's fifth disclosed incident since 2018.

    By Samantha Schwartz • Updated Aug. 24, 2021
  • Image attribution tooltip
    Mario Tama via Getty Images

    Morgan Stanley falls prey to lingering effects of Accellion breach

    Data from the investment firm was compromised through the vendor of a vendor, a hallmark of difficult-to-prevent — and increasingly frequent —  supply chain security incidents.

    By July 9, 2021
  • Image attribution tooltip
    Patrick Lux via Getty Images

    Spoofing, spear phishing dominate BEC attacks: report

    Threat actors are targeting the C-suite and corporate finance departments with the goal of stealing credentials or unleashing malicious payloads. 

    By June 29, 2021
  • Image attribution tooltip
    Tomohiro Ohsumi via Getty Images

    Codecov to sunset Bash Uploader following April supply chain attack

    The company seeks to boost security posture, however analysts are raising questions about whether the new uploader addresses underlying concerns.

    By June 14, 2021
  • Image attribution tooltip
    Alex Wong via Getty Images

    Data breaches, poor cyber practices raise cost of borrowing: study

    Research from the American Accounting Association shows banks have raised interest rates on companies where customer data has been hacked.

    By June 7, 2021
  • Image attribution tooltip
    Peter Macdiarmid via Getty Images

    Why CISOs can't afford to have data breach fatigue

    Security teams monitor thousands of alerts per day, which are hard to escape even in off hours, as news about data breaches becomes mainstream.

    By Sue Poremba • June 1, 2021
  • Image attribution tooltip
    Sean Gallup via Getty Images

    Compromised cloud costs companies $6.2M annually, study finds

    Attackers heavily target Microsoft 365 and Google Workspace accounts using brute force or phishing attacks, according to Ponemon Institute research.

    By May 27, 2021
  • Image attribution tooltip
    Stefani Reynolds / Stringer via Getty Images

    As Colonial Pipeline returns to service, Congress looks to bolster utility-government security efforts

    Several bills aim to boost public-private partnerships in securing the nations grid, which experts say are critical to keeping attackers at bay.

    By Robert Walton • May 17, 2021
  • Image attribution tooltip
    damircudic via Getty Images

    Password managers are a necessary — yet vulnerable — last line of defense

    The Passwordstate breach is forcing CISOs and researchers to review vendors and reassess security practices.

    By May 4, 2021