Dragos says it thwarted extortion bid by known ransomware threat group

The hackers accessed limited information by impersonating a new employee, and the cybersecurity firm warns some stolen data may be leaked.

By David Jones • May 11, 2023

Western Digital confirms customer data accessed by hackers in attack

The company has begun notifying customers about stolen data and expects to restore its online store next week.

By David Jones • May 8, 2023

Google, Dashlane separately move to eliminate passwords

In unrelated moves, the companies highlighted a growing effort to phase out dependence on passwords amid a rise in phishing attacks.

By David Jones • May 4, 2023

3CX threat actor named as company focuses on security upgrades, customer retention

Mandiant attributed the supply chain attack to a North Korea-linked adversary that targeted systems using Windows-based malware.

By David Jones • April 12, 2023

Western Digital restores local access to My Cloud Home customers following security breach

The data storage company has provided limited updates to customers after disclosing the initial incident.

By David Jones • April 11, 2023

Samsung employees leaked corporate data in ChatGPT: report

Data privacy is a concern for companies with employees using ChatGPT’s web-based interface, as input data is used to train and improve the tool.

By Lindsey Wilkinson • April 10, 2023

Broad MFA, rapid patching a must to stop cyberattacks, Marsh McLennan finds

A study says organizations need to implement automated hardening techniques to protect systems against future data breaches. 

By David Jones • April 6, 2023

IT security leaders still told to keep data breaches quiet, study finds

Bitdefender research found 7 in 10 IT and security professionals in the U.S. have been asked to keep a breach confidential.

By David Jones • April 6, 2023

3CX retains Mandiant to investigate supply chain attack with global reach

Google has invalidated the 3CX software security certificate, and Microsoft software installer files can no longer be downloaded via Chrome. A new installer and certificate are in development.

By David Jones • March 31, 2023

CISA summons outside tips to alert victims of early-stage ransomware

Post-breach notifications might seem too late for victim organizations, but swift action can prevent ransomware and data exfiltration.

By Matt Kapko • March 27, 2023

Wawa to pay up to $28.5M in data breach settlement

The chain’s latest payout will go to the financial institutions involved in the 2019 incident, continuing a series of payments it has made to customers and states over the past year.

By Brett Dworski • March 16, 2023

Blackbaud to pay $3M to settle SEC charges of a misleading ransomware investigation

The regulator said the cloud-based software provider made misleading disclosures about the scope of a 2020 ransomware attack. 

By David Jones • March 10, 2023

Hacking healthcare: With 385M patient records exposed, cybersecurity experts sound alarm on breach surge

Healthcare companies must harden their defenses, but it may require regulators and lawmakers to raise the bar on security standards, experts say.

By Jasmine Ye Han • March 10, 2023

Worried about data breaches? Blame the information sector

Three in five records exposed in a data breach last year came from software, telecom, data processing and web hosting companies, Flashpoint found.

By Matt Kapko • March 9, 2023

Insurance holding company Group 1001 says operations restored after ransomware attack

The company did not pay a ransom following a February attack that disrupted operations at several of its member companies.

By David Jones • March 7, 2023

LastPass aftermath leaves long to-do list for business customers

Organizations using the password manager are exposed after a major breach compromised credentials and, potentially, business secrets.

By Matt Kapko • March 6, 2023

LastPass breach timeline: How a monthslong cyberattack unraveled

A threat actor evaded detection for months and blended in with legitimate activity after targeting 1 of 4 engineers with access to keys to the kingdom.

By Matt Kapko • Updated March 3, 2023

CISA red team cracks a critical infrastructure provider’s defenses, a lesson in lateral access

The voluntary assessment raises concerns as the unnamed organization with a mature security program was unable to detect simulated actors moving laterally across its systems for months.

By David Jones • March 1, 2023

LastPass compromise grew worse after DevOps engineer targeted for encryption key

A threat actor used data from multiple breaches and a vulnerability on a high-level employee’s home computer to steal customer passwords.

By Matt Kapko • Feb. 28, 2023

Phishing takes financial bite out of more victim organizations

The majority of organizations, 84%, experienced at least one successful phishing attack in 2022, Proofpoint research found.

By Matt Kapko • Feb. 28, 2023

For GoDaddy customers, a long dwell time means all could be victims

The web hosting provider has not shared additional details outlining the extent of the breach, but experts are highlighting the incident's multiple red flags.

By Matt Kapko • Feb. 23, 2023

Attackers reduce complexity to catch more potential victims

Palo Alto Networks warns attackers are building economies of scale by conducting more efficient operations and complementing their skills with commercially available tools.

By Matt Kapko • Feb. 23, 2023

Phishing, king of compromise, remains top initial access vector

IBM Security X-Force’s annual threat intelligence report highlights what makes phishing such a dangerous and persistent point of entry.

By Matt Kapko • Feb. 22, 2023

GoDaddy source code stolen as part of a multiyear campaign

An investigation into the root cause of the incident is ongoing. The web hosting provider declined to say how many potential customers are impacted.

By Matt Kapko • Feb. 17, 2023

FBI contains ‘isolated’ malicious activity on network

The agency said an investigation into the incident is ongoing. The origin and scope of the incident have yet to be confirmed.

By Matt Kapko • Feb. 17, 2023