Insurance holding company Group 1001 says operations restored after ransomware attack

The company did not pay a ransom following a February attack that disrupted operations at several of its member companies.

By David Jones • March 7, 2023

LastPass aftermath leaves long to-do list for business customers

Organizations using the password manager are exposed after a major breach compromised credentials and, potentially, business secrets.

By Matt Kapko • March 6, 2023

LastPass breach timeline: How a monthslong cyberattack unraveled

A threat actor evaded detection for months and blended in with legitimate activity after targeting 1 of 4 engineers with access to keys to the kingdom.

By Matt Kapko • Updated March 3, 2023

CISA red team cracks a critical infrastructure provider’s defenses, a lesson in lateral access

The voluntary assessment raises concerns as the unnamed organization with a mature security program was unable to detect simulated actors moving laterally across its systems for months.

By David Jones • March 1, 2023

LastPass compromise grew worse after DevOps engineer targeted for encryption key

A threat actor used data from multiple breaches and a vulnerability on a high-level employee’s home computer to steal customer passwords.

By Matt Kapko • Feb. 28, 2023

Phishing takes financial bite out of more victim organizations

The majority of organizations, 84%, experienced at least one successful phishing attack in 2022, Proofpoint research found.

By Matt Kapko • Feb. 28, 2023

For GoDaddy customers, a long dwell time means all could be victims

The web hosting provider has not shared additional details outlining the extent of the breach, but experts are highlighting the incident's multiple red flags.

By Matt Kapko • Feb. 23, 2023

Attackers reduce complexity to catch more potential victims

Palo Alto Networks warns attackers are building economies of scale by conducting more efficient operations and complementing their skills with commercially available tools.

By Matt Kapko • Feb. 23, 2023

Phishing, king of compromise, remains top initial access vector

IBM Security X-Force’s annual threat intelligence report highlights what makes phishing such a dangerous and persistent point of entry.

By Matt Kapko • Feb. 22, 2023

GoDaddy source code stolen as part of a multiyear campaign

An investigation into the root cause of the incident is ongoing. The web hosting provider declined to say how many potential customers are impacted.

By Matt Kapko • Feb. 17, 2023

FBI contains ‘isolated’ malicious activity on network

The agency said an investigation into the incident is ongoing. The origin and scope of the incident have yet to be confirmed.

By Matt Kapko • Feb. 17, 2023

Companies grapple with post-breach disclosure risks

The concerns leading organizations to withhold information are aplenty, including reputational damage and financial impacts.

By Matt Kapko • Feb. 16, 2023

Reddit says limited amount of source code, employee data accessed in phishing attack

Hackers stole an employee’s credentials in a sophisticated attack this week, after prompting workers to interact with a fake intranet site.

By David Jones • Feb. 10, 2023

98% of organizations worldwide connected to breached third-party vendors

A report by SecurityScorecard shows the extent to which third- and fourth-party relationships increase the risk of cyberattacks.

By David Jones • Feb. 2, 2023

Microsoft disables phishing campaign after researchers flag OAuth app abuse

Proofpoint researchers uncovered a malicious campaign where threat actors abused Microsoft’s “verified publisher” status and tricked executives into granting permissions.

By David Jones • Feb. 1, 2023

GitHub resets code signing certificates following breach

The incident closely follows a series of indirect source code repository breaches impacting Slack and Okta.

By Matt Kapko • Feb. 1, 2023

Most data breach notices lacked detail in 2022

Organizations were not forthright with the causes or potential risks stemming from disclosed incidents.

By Matt Kapko • Jan. 30, 2023

Almost half of critical manufacturing organizations face significant risk of data breach

A report presented at the World Economic Forum shows key sectors are under pressure from rising vulnerabilities and a slower rate of patching.

By David Jones • Jan. 23, 2023

Experts question T-Mobile’s security culture as breach cycle churns

The gap between the threat actor’s intrusion and T-Mobile’s detection underscores multiple unresolved challenges.

By Matt Kapko • Jan. 20, 2023

Ransomware attack against Yum! Brands follows several incidents targeting restaurant industry

Criminals see restaurants and mobile ordering apps as ripe targets for credential stuffing and financial fraud.

By David Jones • Jan. 20, 2023

Mailchimp hit by second cyberattack in 6 months, 133 customers impacted

The social engineering incident is similar to an August cyberattack that targeted customers in the crypto industry.

By David Jones • Jan. 19, 2023

Cyber, business interruption remain top global corporate risks

Risk management leaders remain highly concerned about the threat of malicious attacks and data breaches, according to Allianz Global.

By David Jones • Jan. 18, 2023

CircleCI probe links malware placed on engineer’s laptop to larger breach

An unauthorized actor, after stealing a valid SSO session, was able to exfiltrate data, including customer environment variables, tokens and keys.

By David Jones • Jan. 13, 2023

CircleCI working with AWS to identify, revoke keys impacted by security incident

The company assured customers there is no indication that AWS accounts were accessed. CircleCI has scheduled an incident report for Jan. 17.

By David Jones • Jan. 12, 2023

FCC revives push to speed up telecom incident disclosures

Telecom operators are a primary target for threat actors. A change to breach reporting rules is long overdue, one analyst said.

By Matt Kapko • Jan. 10, 2023