Cyberattacks


  • A close up of a cursor arrow hovering over an X on a screen, pixelated with red, blue and green colors.
    Image attribution tooltip
    ar-chi via Getty Images
    Image attribution tooltip

    Ransomware victims are becoming less likely to pay up

    Despite a jump in ransom demands last year, companies are plotting better defenses against attacks that can incur deep business interruption costs, Marsh said.

    By Justin Bachman • June 21, 2024
  • Man using facial recognition technology on city street
    Image attribution tooltip
    LeoPatrizi via Getty Images
    Image attribution tooltip

    MFA plays a rising role in major attacks, research finds

    Poor configurations and deliberate MFA bypasses were at the center of numerous attacks in recent months, Cisco Talos found.

    By June 18, 2024
  • A wall of binary code is partly unzippered, revealing the face of Ben Franklin as seen on the $100 bill. Explore the Trendline
    Image attribution tooltip
    imagedepotpro via Getty Images
    Image attribution tooltip
    Trendline

    Top 5 stories from Cybersecurity Dive

    A wave of rules, regulations and federal action is putting pressure on businesses to shore up security amid a backdrop of emboldened threat actors has a nice ring to it.

    By Cybersecurity Dive staff
  • Snowflake logo on one of the data cloud company's offices.
    Image attribution tooltip
    Permission granted by Snowflake
    Image attribution tooltip

    What we know about the Snowflake customer attacks

    Analysts and threat hunters warn more companies are confronting significant exposure from the identity-based attacks, and damages are spreading.

    By June 17, 2024
  • A person uses a tablet while in a factory.
    Image attribution tooltip
    yoh4nn via Getty Images
    Image attribution tooltip

    Ransomware attacks hit manufacturing hard in 2023

    The sector was among the top industries to pay ransom demands. The average payment increased 88% to almost $2.4 million last year, Sophos found.

    By June 14, 2024
  • A view of Ascension St. Vincent's Riverside Hospital sign.
    Image attribution tooltip
    Cliff Hawkins via Getty Images
    Image attribution tooltip

    Ascension says cyberattack may have compromised protected health data

    Hackers gained access to the nonprofit’s systems early last month after a worker accidentally downloaded a malicious file, Ascension said.

    By Emily Olsen • June 14, 2024
  • School buses stand idle on December 15, 2015 in Los Angeles, California.
    Image attribution tooltip
    David McNew via Getty Images
    Image attribution tooltip

    Los Angeles schools investigating claims of data for sale on dark web

    The alleged incident is raising questions as to whether there’s been a more recent data breach in the district since September 2022.

    By Anna Merod • June 14, 2024
  • 3D digital circular dynamic wave.
    Image attribution tooltip
    Vitalii Pasichnyk/Getty via Getty Images
    Image attribution tooltip

    Snowflake-linked attacks are testing the cloud’s shared responsibility status quo

    Assigning responsibility for missing security controls is tricky. The burden is collective but cloud providers need to raise minimum standards, experts say.

    By June 13, 2024
  • Matrix background of blurred programming code.
    Image attribution tooltip
    Getty Plus via Getty Images
    Image attribution tooltip

    Pure Storage comes forward as an early victim of Snowflake-linked attacks

    The data storage vendor said information exposed by the attack can’t be used to gain access to customer systems.

    By June 12, 2024
  • Bottles of Clorox bleach on a supermarket shelf.
    Image attribution tooltip
    Justin Sullivan via Getty Images
    Image attribution tooltip

    Clorox to restart ERP upgrade as it looks past August cyberattack

    With the company out of recovery mode, teams are looking to advance on digital transformation projects. 

    By Lindsey Wilkinson • June 11, 2024
  • Snowflake office building in San Mateo, CA.
    Image attribution tooltip
    Permission granted by Snowflake
    Image attribution tooltip

    100 Snowflake customers attacked, data stolen for extortion

    A financially-motivated attacker used stolen credentials to systematically compromise customer accounts, steal a significant volume of data and extort victims, Mandiant said.

    By June 10, 2024
  • Broadband connections
    Image attribution tooltip
    NicoElNino via Getty Images
    Image attribution tooltip

    Frontier Communications says cyberattack snagged data from 751,000 people

    The breach notifications come almost two months after the company initially disclosed the April attack.

    By June 7, 2024
  • Fingers hover over a computer keyboard with numbers on a screen, against a shadowy backdrop.
    Image attribution tooltip
    jariyawat thinsandee via Getty Images
    Image attribution tooltip

    Cyberattacks pose mounting risks to creditworthiness: Moody’s

    “As more data becomes available — thanks to recently adopted disclosure requirements — attacks continue to proliferate,” a Moody’s executive said.

    By Jim Tyson • June 6, 2024
  • The lobby inside a Snowflake office building.
    Image attribution tooltip
    Courtesy of Snowflake
    Image attribution tooltip

    Pressure mounts on Snowflake and its customers as attacks spread

    More businesses are likely impacted by an attacker’s access to multiple Snowflake customer databases.

    By June 6, 2024
  • Creative image depicting a ransomware attack.
    Image attribution tooltip
    iStock / Getty Images Plus via Getty Images
    Image attribution tooltip

    CVE exploits, stolen credentials fueled ransomware surge in 2023

    Data leak site posts increased 75% to 4,520 posts in 2023, Mandiant said in a report.

    By June 4, 2024
  • Snowflake office building in San Mateo, CA.
    Image attribution tooltip
    Permission granted by Snowflake
    Image attribution tooltip

    Snowflake customers caught in identity-based attack spree

    Cyber authorities and researchers warn many major companies could be compromised by the targeted attacks against Snowflake customer environments.

    By June 3, 2024
  • Live Nation corporate offices in Hollywood, California.
    Image attribution tooltip
    Mario Tama/Getty Images via Getty Images
    Image attribution tooltip

    Live Nation confirms jumbo breach, Ticketmaster customer data exposed

    The live concert and entertainment giant disclosed the compromise days after reports began surfacing of a data breach. The company said it detected the intrusion on May 20.

    By June 3, 2024
  • Smiling businesswoman in headphones taking notes, working with laptop and talking smartphone, blue glowing information protection icons. Padlock, cloud and digital interface. Cyber security concept - stock photo
    Image attribution tooltip
    iStock via Getty Images
    Image attribution tooltip
    Sponsored by Avaya

    Securing your call centers: Best practices for cybersecurity protection

    All call centers face cybersecurity threats because they handle information like credit card numbers, health records, and personal purchase history. However, call centers that support federal agencies have the added risk of handling highly sensitive information, making them prime targets for cybercriminals.

    By Jerry Dotson, Vice President of Public Sector, Avaya • June 3, 2024
  • An artistic template of a twilit cityscape that metaphorically represents the role of quantum computing-hardened encryption keys in strengthening data security.
    Image attribution tooltip
    Permission granted by Honeywell
    Image attribution tooltip

    Utilities saw fewer Q1 ransomware attacks than other sectors. A Dragos analyst explains why.

    Electric companies worldwide experienced one ransomware attack in Q1, compared with 25 in the transportation sector and 106 in manufacturing, according to Dragos, but analysts warn against utilities getting complacent.

    By Robert Walton • May 31, 2024
  • An image of a digital lock is shown
    Image attribution tooltip
    Just_Super via Getty Images
    Image attribution tooltip

    First American says personal data of 44K breached in December cyberattack

    The company previously said the attack had a material impact on Q4 operations, but would not have a significant long-term impact on results.

    By May 29, 2024
  • Microsoft logo is seen in the background.
    Image attribution tooltip
    Jeenah Moon via Getty Images
    Image attribution tooltip

    Microsoft president set to testify before Congress on ‘security shortcomings’

    After the tech giant asked for more time, Brad Smith will now testify before the House Committee on Homeland Security on June 13.

    By May 22, 2024
  • The HHS in DC
    Image attribution tooltip
    Alex Wong / Staff via Getty Images
    Image attribution tooltip

    Providers urge HHS to clarify Change data breach reporting requirements

    More than 50 provider groups are asking the federal government to publicly state that UnitedHealth should handle data breach reporting stemming from the cyberattack on its subsidiary.

    By Emily Olsen • May 22, 2024
  • Water rushing out of a pipeline and onto a wheat field.
    Image attribution tooltip
    lnzyx for iStock via Getty Images
    Image attribution tooltip

    EPA to ramp up enforcement as most water utilities lack cyber safeguards

    The agency may consider taking civil and criminal penalties against utilities following months of attacks against drinking and wastewater treatment facilities.

    By May 21, 2024
  • Team of hackers dressed in black work on computers in dark room.
    Image attribution tooltip
    gorodenkoff via Getty Images
    Image attribution tooltip

    Microsoft warns of hacker misusing Quick Assist in Black Basta ransomware attacks

    Threat researchers say a financially-motivated attacker has deployed the tool in social-engineering attacks since April.

    By May 17, 2024
  • 3D digital circular dynamic wave.
    Image attribution tooltip
    Vitalii Pasichnyk/Getty via Getty Images
    Image attribution tooltip

    Remote-access tools the intrusion point to blame for most ransomware attacks

    Self-managed VPNs from Cisco and Citrix were 11 times more likely to be linked to a ransomware attack last year, At-Bay research found.

    By May 16, 2024
  • FBI seal displayed on a wall
    Image attribution tooltip
    Chip Somodevilla/Getty Images via Getty Images
    Image attribution tooltip

    Black Basta ransomware is toying with critical infrastructure providers, authorities say

    The threat group has impacted more than 500 targets worldwide and the vast majority of critical infrastructure sectors.  Numerous attacks have exploited vulnerabilities in ConnectWise ScreenConnect.

    By May 13, 2024