BeyondTrust, Cloudflare averted Okta attacks thanks to security chops

With details scant, worries remain about how the attacks might have played out for less security-focused businesses that were impacted.

By Matt Kapko • Nov. 1, 2023

Five Guys discloses hack of 2 employees’ emails

The disclosure comes weeks after the company agreed to settle a federal class action suit stemming from a 2022 attack.

By David Jones • Oct. 30, 2023

Explore the Trendline➔

Securing the cloud

The ubiquity of the cloud has left security gaps for organizations, leaving them to navigate a complex vendor landscape and defend their technology supply chain

By Cybersecurity Dive staff

Philadelphia discloses email compromise 5 months after initial detection

An ongoing investigation uncovered a two-month dwell time in the city’s email system that exposed some individuals’ sensitive information.

By Matt Kapko • Oct. 26, 2023

LastPass working through ‘systemic’ security overhaul

“We didn’t just address the issues that were the cause of the breach,” CEO Karim Toubba said. Still, nearly 1 in 10 customers are fleeing the password manager.

By Matt Kapko • Oct. 25, 2023

1Password caught in Okta breach, impacting employee-facing apps

The password manager came forward after BeyondTrust and Cloudflare disclosed similar Okta environment breaches. All three victims claim no data was compromised.

By Matt Kapko • Oct. 24, 2023

Okta attacked again, this time hitting its support system

A threat actor accessed customer support tickets and files containing sensitive data. Okta declined to say how many customers are impacted.

By Matt Kapko • Updated Oct. 23, 2023

Almost 42K Cisco IOS XE devices exploited, no patch available

Security researchers warn the number of infected hosts grew after a critical zero-day vulnerability was found.

By David Jones • Oct. 19, 2023

US data compromises hit all-time high

Supply-chain attacks and zero-day exploits, such as the widespread attacks against the MOVEit file-transfer service, are surging, according to the Identity Theft Resource Center.

By Matt Kapko • Oct. 16, 2023

Caesars Entertainment says social-engineering attack behind August breach

In a filing with the Maine attorney general, the gaming company said the attack began in mid-August and impacted tens of thousands of the state's residents.

By David Jones • Oct. 9, 2023

Construction insurer hit in data breach

Builders Mutual disclosed the hack affected 64,761 individuals, per a filing with the state of Maine.

By Matthew Thibault • Oct. 6, 2023

Clorox warns of quarterly loss related to August cyberattack, production delays

The company expects a significant financial impact stemming from the recent cyberattack, which is reportedly linked to the Scattered Spider threat group.

By David Jones • Oct. 5, 2023

Caesars Entertainment faces class action lawsuits following rewards database hack

At least four separate plaintiffs allege the company was negligent for allowing their sensitive personal data to be stolen in a social engineering attack by criminal threat groups. 

By David Jones • Sept. 27, 2023

Clorox warns of product shortages a month after disclosing cyberattack

The household product maker said the incident damaged IT systems and will have a material effect on its fiscal Q1 performance.

By David Jones • Sept. 18, 2023

MGM, Caesars attacks raise new concerns about social engineering tactics

Multiple threat groups have employed the same criminal tool kit to target vulnerable systems.

By David Jones • Sept. 18, 2023

Security has an underlying defect: passwords and authentication

Cyberattacks are fueled by the shortcomings of business authentication controls. Bad things happen when access falls apart and credentials land in the wrong hands.

By Matt Kapko • Sept. 18, 2023

MGM Resorts discloses cyber incident in filing with SEC

Moody’s Investors Service called the cyber incident credit negative, and MGM is still taking steps to protect data and fully secure business operations. 

By David Jones • Sept. 13, 2023

Compromised credential use jumps 300% in cloud intrusions: IBM

Valid credentials are also a hot commodity in the cybercrime marketplace, accounting for the vast majority, almost 90%, of assets for sale on the dark web, IBM found.

By Matt Kapko • Sept. 13, 2023

High-profile CVEs turn up in vulnerability exploit sales

Flashpoint observed 27 vulnerability exploits listed for sale or purchased on the dark web during the first half of the year. One-third were linked to Microsoft products.

By Matt Kapko • Sept. 12, 2023

MGM Resorts takes systems offline as it investigates cyberattack

The company restored full operations to dining, gaming and entertainment venues Monday night, following earlier reports payment systems, digital room keys and reservations systems were down at multiple properties. 

By David Jones • Updated Sept. 12, 2023

Microsoft crash dump exposed key that led to US cabinet email hacks, investigation finds

A China-based threat group used the key to access a Microsoft engineer’s corporate account and, later, compromised more than two dozen customer email accounts.

By David Jones • Sept. 7, 2023

Suncor CEO says company mostly recovered from June cyberattack

The incident was serious and not worth repeating, President and CEO Rich Kruger said. "I’d rather have a root canal than go through one of these attacks again.”

By David Jones • Aug. 17, 2023

TIAA hit with class-action lawsuit over MOVEit data breach

The suit claims the teachers’ retirement fund did not properly handle sensitive information compromised in the far-reaching cyberattack.

By Anna Merod • Aug. 14, 2023

Threat actors abuse valid accounts using manual tactics, CrowdStrike says

The research underscores the outsized role and prevalence of legitimate credentials as an entry point for cyberattacks.

By Matt Kapko • Aug. 8, 2023

Poor access management besets most cloud compromises, Google says

The prevalence of systems with weak access controls underscores a chronic security problem for organizations storing data in the cloud.

By Matt Kapko • Aug. 3, 2023

MoveIT breach exposes data of 612K Medicare beneficiaries, CMS says

The data was compromised as part of a breach at third-party provider Maximus. The government contractor said the data of as many as 11 million individuals was affected in the incident.

By Rebecca Pifer • July 31, 2023