Cyberattacks


  • Rendering of digital data code in safety security technology concept.
    Image attribution tooltip
    iStock/Getty Images Plus via Getty Images
    Image attribution tooltip

    Palo Alto Networks warns firewall exploits are spreading

    Attempted exploits and attacks linked to the zero-day vulnerability, which has a CVSS of 10, grew after proof of concepts were released.

    By April 18, 2024
  • Hand grabbing password out of blurred code.
    Image attribution tooltip
    LuisPortugal/Getty Images Plus via Getty Images
    Image attribution tooltip

    Cisco Duo MFA codes exposed in third-party breach

    About 1% of the MFA and single sign-on provider’s business customers are impacted. An attacker intruded the third-party vendor’s systems via phishing.

    By April 16, 2024
  • A wall of binary code is partly unzippered, revealing the face of Ben Franklin as seen on the $100 bill. Explore the Trendline
    Image attribution tooltip
    imagedepotpro via Getty Images
    Image attribution tooltip
    Trendline

    Top 5 stories from Cybersecurity Dive

    A wave of rules, regulations and federal action is putting pressure on businesses to shore up security amid a backdrop of emboldened threat actors has a nice ring to it.

    By Cybersecurity Dive staff
  • UnitedHealth Group office
    Image attribution tooltip
    Courtesy of UnitedHealth Group
    Image attribution tooltip

    UnitedHealth expects up to $1.6B hit from Change cyberattack this year

    Investors on Tuesday got a clearer picture of the cyberattack's financial fallout on the healthcare juggernaut. Some said it wasn't as bad as they'd feared.

    By Rebecca Pifer • April 16, 2024
  • The Eastern facade of the United States Capitol Building, with the House of the Representative's stair.
    Image attribution tooltip
    3000ad via Getty Images
    Image attribution tooltip

    Federal agencies caught sharing credentials with Microsoft over email

    U.S. government agencies are in jeopardy of Russia-linked cyberattacks, and although CISA isn’t aware of any compromised environments, officials warn the risk is exigent.

    By April 12, 2024
  • Header image for "56% of Business Leaders Are Incorporating AI Into Cybersecurity: Weekly Stat"
    Image attribution tooltip
    Andrew Brookes
    Image attribution tooltip

    Mandiant spots advanced exploit activity in Ivanti devices

    The incident response firm identified eight threat groups targeting the remote access VPNs and observed evolved post-exploitation activity.

    By April 9, 2024
  • A circular rotunda under a dome with a mosaic floor and windows on all sides.
    Image attribution tooltip
    Schweikert, John. (2022). [Photograph]. Retrieved from U.S. Courts.
    Image attribution tooltip

    Change Healthcare asks to consolidate dozens of cyberattack class-action lawsuits

    Lawsuits against the UnitedHealth subsidiary are racking up following a cyberattack against the technology firm in late February.

    By Emily Olsen • April 9, 2024
  • An image of a digital lock is shown
    Image attribution tooltip
    Just_Super via Getty Images
    Image attribution tooltip

    D-Link tells customers to sunset actively exploited storage devices

    The networking hardware vendor advised owners of the affected devices to retire and replace them. There is no patch available for the vulnerability.

    By April 8, 2024
  • Cyberattack and internet crime, hacking and malware concepts.
    Image attribution tooltip
    Techa Tungateja via Getty Images
    Image attribution tooltip

    Omni Hotels & Resorts hit by cyberattack

    The hotel chain has been responding to the attack since March 29, when it shut down some of its systems.

    By Noelle Mateer • April 8, 2024
  • Hooded person types on computer in a dark room with multiple monitors and cables everywhere.
    Image attribution tooltip
    gorodenkoff via Getty Images
    Image attribution tooltip

    Ivanti pledges security overhaul after critical vulnerabilities targeted in lengthy exploit spree

    CEO Jeff Abbott said significant changes are underway. The beleaguered company committed to improve product security, share learnings and be more responsive to customers.

    By April 4, 2024
  • Microsoft logo is seen in the background.
    Image attribution tooltip
    Jeenah Moon via Getty Images
    Image attribution tooltip

    Microsoft Exchange state-linked hack entirely preventable, cyber review board finds

    The technology giant’s corporate culture fell short on security investments and risk management, and needs significant reforms, according to a damning report by the U.S. Cyber Safety Review Board.

    By April 3, 2024
  • CISA, cybersecurity, agency
    Image attribution tooltip
    Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
    Image attribution tooltip

    CISA asserts no data stolen during Ivanti-linked attack on the agency

    Threat actors gained access to and potentially compromised two CISA systems weeks after the agency applied Ivanti’s initial mitigation measures.

    By April 2, 2024
  • "System hacked" warning alert message displayed on a screen.
    Image attribution tooltip
    iStock / Getty Images Plus via Getty Images
    Image attribution tooltip

    Hospital groups question HHS about data breach reporting after Change Healthcare attack

    In a Thursday letter, the American Hospital Association urged the HHS’ Office of Civil Rights to reduce “duplicative” breach notifications from the cyberattack.

    By Susanna Vogel • March 25, 2024
  • Sponsored by Palo Alto Networks

    From silos to synergy: how IT-OT integration strengthens industrial cybersecurity

    Disconnects between IT and OT teams hinder stronger cybersecurity; it’s time to flip the script. IT and OT teams hinder stronger cybersecurity; it’s time to flip the script.

    By Qiang Huang, Vice President of product management, cloud delivered security services of Palo Alto Networks • March 25, 2024
  • Matrix background of blurred programming code.
    Image attribution tooltip
    Getty Plus via Getty Images
    Image attribution tooltip

    Threat groups hit enterprise software, network infrastructure hard in 2023

    Recorded Future observed an approximately threefold increase in actively exploited high-risk vulnerabilities in enterprise software and network infrastructure, such as VPNs.

    By March 22, 2024
  • A man and a woman shake hands in front of a desk that has flags from the U.S. and Ukraine. The people are in front of a blue background with CISA logos.
    Image attribution tooltip
    Retrieved from Jen Easterly/CISA.
    Image attribution tooltip

    Novel variant of wiper linked to Viasat attack during Ukraine war raises new fears

    Researchers at SentinelLabs warn the new variant, called AcidPour, could place IoT, networking devices at risk. 

    By March 22, 2024
  • Andrew Witty attends the World Economic Forum annual meeting in Davos, Switzerland, Jan. 19, 2017.
    Image attribution tooltip

    Ruben Sprich/Reuters

    Image attribution tooltip

    Change Healthcare’s drawn-out recovery catches flak from cyber experts

    At least 100 services remain offline four weeks after the UnitedHealth Group detected an intrusion in its medical claims clearinghouse. Experts say the impacts are unprecedented.

    By March 21, 2024
  • Stethoscope and money on wooden table.
    Image attribution tooltip
    mohd izzuan via Getty Images
    Image attribution tooltip

    Change Healthcare cyberattack could damage credit at small providers: Fitch

    Smaller companies may already have worse credit ratings and could struggle with cash flow disruptions caused by the outage.

    By Emily Olsen • March 21, 2024
  • Telecom network above a city
    Image attribution tooltip
    NicoElNino via Getty Images
    Image attribution tooltip

    Five Eyes implores critical infrastructure execs to take China-linked threats seriously

    Officials are pushing tips to help potential victims detect and mitigate Volt Typhoon’s evasive techniques as the was warnings take on urgency.

    By March 20, 2024
  • Michael Regan stands at a podium and speaks.
    Image attribution tooltip
    Kevin Dietsch via Getty Images
    Image attribution tooltip

    More warnings emerge about state-linked cyber threats to water infrastructure

    The White House and EPA set an urgent virtual meeting with state homeland security and other top officials, citing efforts to boost the resiliency of drinking and wastewater treatment systems.

    By March 20, 2024
  • Photo illustration of a VF Corp. SEC filing.
    Image attribution tooltip

    Photo illustration: Industry Dive; US Securities and Exchange Commission

    Image attribution tooltip

    How companies describe cyber incidents in SEC filings

    The words businesses use in cybersecurity disclosures matter. They can channel confidence in the recovery process, potential impacts and legal liabilities.

    By March 19, 2024
  • Header image for "56% of Business Leaders Are Incorporating AI Into Cybersecurity: Weekly Stat"
    Image attribution tooltip
    Andrew Brookes
    Image attribution tooltip

    Audit committees rank cybersecurity as top priority amid SEC crackdown

    Cyberattacks are just one of several rapidly changing threats confronting audit committees, according to the Center for Audit Quality and Deloitte.

    By Jim Tyson • March 14, 2024
  • Change Healthcare logo
    Image attribution tooltip
    Courtesy of Change Healthcare
    Image attribution tooltip

    Change Healthcare locates ransomware attack vector

    Though the UnitedHealth Group subsidiary’s recovery efforts are ongoing, a forensic analysis identified a safe system restoration point.

    By March 14, 2024
  • The exterior of the Department Health and Human Services headquarters.
    Image attribution tooltip
    Alex Wong via Getty Images
    Image attribution tooltip

    HHS opens investigation into Change Healthcare cyberattack

    The Office for Civil Rights will focus on whether protected health information was breached and if UnitedHealth complied with privacy and security requirements. 

    By Emily Olsen • March 14, 2024
  • The White House in Washington, D.C.
    Image attribution tooltip
    TriggerPhoto via Getty Images
    Image attribution tooltip

    White House meets with UnitedHealth, industry groups on Change Healthcare cyberattack fallout

    Officials called on payers to cut red tape and offer financial support to providers, including advanced payments. 

    By Emily Olsen • March 13, 2024
  • A facade of the White House in Washington, D.C.
    Image attribution tooltip
    Nick van Bree via Getty Images
    Image attribution tooltip

    Ransomware festers as a top security challenge, US intel leaders say

    U.S. intelligence leaders warn ransomware activity is growing, despite high profile efforts to seize threat actors’ infrastructure.

    By March 12, 2024