Cyberattacks

Marriott is still covering — and recovering — expenses from its 2018 data breach

The hotel has seen an increase in renewal costs for its cyber insurance "over the last several years," the company said. 

By Samantha Schwartz • Dec. 1, 2021

Majority of US retailers, critical infrastructure unscathed after holiday cyber warnings

Industry averted a major cyber incident amid warnings from the FBI and CISA, though home furnishings retailer Ikea fought to contain a sophisticated phishing attack.

By David Jones • Nov. 30, 2021

2 community colleges close to recover from cyberattacks

Lewis and Clark Community College and Butler County Community College are closing their campuses as they restore their servers and systems.

By Natalie Schwartz • Nov. 30, 2021

DDoS threats linger as peak holiday shopping begins

Slow or crashing websites can stem from failure to prepare, an unexpected bug or a denial-of-service attack, which have grown more severe this year, Cloudflare's Patrick Donahue said. 

By Samantha Schwartz • Nov. 24, 2021

GoDaddy breach raises questions about how to secure identity in the enterprise

More than one million current and former WordPress customers had their data exposed by the attack, which could expose organizations to downstream phishing attacks and ransomware, security researchers said.

By David Jones • Updated Nov. 24, 2021

Recovering ransom payments could become routine for law enforcement

Backed by blockchain analysts and crypto-tracers, law enforcement agencies want to become more proficient in seizing ransomware-related funds.

By Samantha Schwartz • Nov. 23, 2021

FBI justifies its decision to withhold Kaseya decryptor

The law enforcement agency prioritized the long-term benefits of a delay over the immediate decryption key release.

By Samantha Schwartz • Nov. 17, 2021

Sinclair Broadcast still assessing financial impact of ransomware attack

While the news provider maintains cyber insurance to cover losses related to security risk and business interruption, such policies may not be enough to cover the losses, President and CEO Chris Ripley said.

By David Jones • Nov. 4, 2021

SolarWinds threat actor targets cloud services, Microsoft 365 mailboxes

The threat actor is using a tactic called EWS impersonation to target mailboxes in Microsoft 365 and is also using cloud service providers to target end users, Mandiant researchers said. 

By David Jones • Nov. 1, 2021

The most 'anxiety-inducing' cyberattacks of 2021 for IT and security

"PrintNightmare is just like the flipping gift that keeps on giving," Jason Slagle of CNWR IT Consultants said. "You can get popped by it, and then literally every week there's some sort of update." 

By Samantha Schwartz • Oct. 29, 2021

Identity crisis: Why ransomware groups rebrand — and disappear

Criminals are not known for telling the truth, but what they say is usually the only explanation for a disappearance. Even if it is a lie.

By Samantha Schwartz • Oct. 28, 2021

SolarWinds threat actor targeted IT service providers in thousands of attacks, Microsoft says

The campaign from the Russian nation-state threat actor Nobelium was caught early, but there were at least 14 compromises involving password spraying and phishing to gain access.

By Samantha Schwartz • Oct. 25, 2021

How businesses are tackling fraud in a digital-first reality

With digital transactions and eCommerce continuing to grow in volume, successfully taking on fraud will require businesses to explore and rely on new tools and technologies.

Oct. 25, 2021

Sinclair Broadcast becomes latest media group to face ransomware attack

Researchers linked the incident that disrupted weekend broadcasts to Evil Corp., which used a ransomware strain associated with WastedLocker.

By David Jones • Updated Oct. 21, 2021

The public needs to understand what's at stake with cyberattacks, DHS adviser says

The Colonial Pipeline cyberattack was a "crisis of communication" between the company and consumers, Homeland Security Adviser Suzanne Spaulding said.

By Samantha Schwartz • Oct. 15, 2021

Users have bad security habits. What can businesses do?

"As strange as it sounds, in the case of a security incident in the enterprise, you can't blame the user," Bitdefender's Alex "Jay" Balan said. 

By Samantha Schwartz • Oct. 14, 2021

How to secure the enterprise against REvil-style attacks

There is no way to fully protect against advanced attacks such as zero-day vulnerabilities or nation-state threats — responding quickly is critical to minimizing damage.

By Chris Silva • Oct. 12, 2021

War room preparation key to ransomware response, experts say

Companies need to assemble stakeholders ahead of an attack and be ready for potential fallout from litigation, reputational risk and operations disruption. 

By David Jones • Oct. 11, 2021

Why CEOs become communication chiefs after a cyberattack

When ransomware hit, the CEOs of Colonial Pipeline and Accellion paused their day-to-day duties. Their immediate new roles? Communication.

By Samantha Schwartz • Oct. 7, 2021

REvil, DarkSide highlight surge in Q2 ransomware attacks: report

The government sector saw more ransomware attacks, while financial services companies faced increased threats in the cloud, according to McAfee Enterprise research.

By David Jones • Oct. 4, 2021

Ransomware attacks put availability of medical devices at risk: FDA cyber chief

Industry reached a "watershed moment" earlier this year when a device outage caused by malware endangered patient lives, said the acting director of cybersecurity at CDRH. 

By Greg Slabodkin • Oct. 4, 2021

Microsoft warns of new credential-stealing backdoor from SolarWinds threat actor

The newly identified malware, called FoggyWeb, has been observed since April and is used to steal from compromised AD FS servers. 

By David Jones • Sept. 28, 2021

25% of providers saw mortality rates rise after ransomware attacks, survey finds

This study of health delivery organizations is one of the first finding a direct impact on patient care. It comes roughly a year after a patient in Germany died as a result of delayed care following a ransomware attack.

By Rebecca Pifer • Sept. 27, 2021

Ripple effects from a cyber incident take a year to develop: report

Organizations are likely to both generate and suffer the downstream consequences of cyber incidents because of the technological reliance companies have on one another.

By Samantha Schwartz • Sept. 27, 2021

Ransomware compromises customer data in farm co-op attack

A Minnesota-based co-op became the second agricultural firm in recent days to be the target of ransomware, just weeks after the FBI and CISA warned of a wider threat to the industry.

By David Jones • Updated Sept. 24, 2021