• Image attribution tooltip
    Justin Sullivan via Getty Images

    Marriott is still covering — and recovering — expenses from its 2018 data breach

    The hotel has seen an increase in renewal costs for its cyber insurance "over the last several years," the company said. 

    By Dec. 1, 2021
  • Image attribution tooltip
    Brandon Bell via Getty Images

    Majority of US retailers, critical infrastructure unscathed after holiday cyber warnings

    Industry averted a major cyber incident amid warnings from the FBI and CISA, though home furnishings retailer Ikea fought to contain a sophisticated phishing attack.

    By Nov. 30, 2021
  • Image attribution tooltip
    JuSun via Getty Images

    2 community colleges close to recover from cyberattacks

    Lewis and Clark Community College and Butler County Community College are closing their campuses as they restore their servers and systems.

    By Natalie Schwartz • Nov. 30, 2021
  • Image attribution tooltip
    Poike via Getty Images

    DDoS threats linger as peak holiday shopping begins

    Slow or crashing websites can stem from failure to prepare, an unexpected bug or a denial-of-service attack, which have grown more severe this year, Cloudflare's Patrick Donahue said. 

    By Nov. 24, 2021
  • Image attribution tooltip
    Spencer Platt via Getty Images

    GoDaddy breach raises questions about how to secure identity in the enterprise

    More than one million current and former WordPress customers had their data exposed by the attack, which could expose organizations to downstream phishing attacks and ransomware, security researchers said.

    By Updated Nov. 24, 2021
  • Image attribution tooltip
    Chip Somodevilla / Staff via Getty Images

    Recovering ransom payments could become routine for law enforcement

    Backed by blockchain analysts and crypto-tracers, law enforcement agencies want to become more proficient in seizing ransomware-related funds.

    By Nov. 23, 2021
  • Image attribution tooltip
    Getty via Getty Images

    FBI justifies its decision to withhold Kaseya decryptor

    The law enforcement agency prioritized the long-term benefits of a delay over the immediate decryption key release.

    By Nov. 17, 2021
  • Image attribution tooltip
    william thomas cain via Getty Images

    Sinclair Broadcast still assessing financial impact of ransomware attack

    While the news provider maintains cyber insurance to cover losses related to security risk and business interruption, such policies may not be enough to cover the losses, President and CEO Chris Ripley said.

    By Nov. 4, 2021
  • Image attribution tooltip
    Joe Raedle via Getty Images

    SolarWinds threat actor targets cloud services, Microsoft 365 mailboxes

    The threat actor is using a tactic called EWS impersonation to target mailboxes in Microsoft 365 and is also using cloud service providers to target end users, Mandiant researchers said. 

    By Nov. 1, 2021
  • Image attribution tooltip
    Leon Neal via Getty Images

    The most 'anxiety-inducing' cyberattacks of 2021 for IT and security

    "PrintNightmare is just like the flipping gift that keeps on giving," Jason Slagle of CNWR IT Consultants said. "You can get popped by it, and then literally every week there's some sort of update." 

    By Oct. 29, 2021
  • Image attribution tooltip
    Dan Kitwood / Staff via Getty Images

    Identity crisis: Why ransomware groups rebrand — and disappear

    Criminals are not known for telling the truth, but what they say is usually the only explanation for a disappearance. Even if it is a lie.

    By Oct. 28, 2021
  • Image attribution tooltip
    Jeenah Moon via Getty Images

    SolarWinds threat actor targeted IT service providers in thousands of attacks, Microsoft says

    The campaign from the Russian nation-state threat actor Nobelium was caught early, but there were at least 14 compromises involving password spraying and phishing to gain access.

    By Oct. 25, 2021
  • Image attribution tooltip

    Sponsored by Cybersource

    How businesses are tackling fraud in a digital-first reality

    With digital transactions and eCommerce continuing to grow in volume, successfully taking on fraud will require businesses to explore and rely on new tools and technologies.

    Oct. 25, 2021
  • Image attribution tooltip
    william thomas cain via Getty Images

    Sinclair Broadcast becomes latest media group to face ransomware attack

    Researchers linked the incident that disrupted weekend broadcasts to Evil Corp., which used a ransomware strain associated with WastedLocker.

    By Updated Oct. 21, 2021
  • Image attribution tooltip
    Samantha Schwartz/Cybersecurity Dive

    The public needs to understand what's at stake with cyberattacks, DHS adviser says

    The Colonial Pipeline cyberattack was a "crisis of communication" between the company and consumers, Homeland Security Adviser Suzanne Spaulding said.

    By Oct. 15, 2021
  • Image attribution tooltip
    Carl Court via Getty Images

    Users have bad security habits. What can businesses do?

    "As strange as it sounds, in the case of a security incident in the enterprise, you can't blame the user," Bitdefender's Alex "Jay" Balan said. 

    By Oct. 14, 2021
  • Image attribution tooltip
    Sean Gallup via Getty Images

    How to secure the enterprise against REvil-style attacks

    There is no way to fully protect against advanced attacks such as zero-day vulnerabilities or nation-state threats — responding quickly is critical to minimizing damage.

    By Chris Silva • Oct. 12, 2021
  • Image attribution tooltip
    Brendan Smialowski / Stringer via Getty Images

    War room preparation key to ransomware response, experts say

    Companies need to assemble stakeholders ahead of an attack and be ready for potential fallout from litigation, reputational risk and operations disruption. 

    By Oct. 11, 2021
  • Image attribution tooltip
    Courtesy of Colonial Pipeline Company

    Why CEOs become communication chiefs after a cyberattack

    When ransomware hit, the CEOs of Colonial Pipeline and Accellion paused their day-to-day duties. Their immediate new roles? Communication.

    By Oct. 7, 2021
  • Image attribution tooltip
    Drew Angerer via Getty Images

    REvil, DarkSide highlight surge in Q2 ransomware attacks: report

    The government sector saw more ransomware attacks, while financial services companies faced increased threats in the cloud, according to McAfee Enterprise research.

    By Oct. 4, 2021
  • Ransomware attacks put availability of medical devices at risk: FDA cyber chief

    Industry reached a "watershed moment" earlier this year when a device outage caused by malware endangered patient lives, said the acting director of cybersecurity at CDRH. 

    By Greg Slabodkin • Oct. 4, 2021
  • Image attribution tooltip
    Sean Gallup via Getty Images

    Microsoft warns of new credential-stealing backdoor from SolarWinds threat actor

    The newly identified malware, called FoggyWeb, has been observed since April and is used to steal from compromised AD FS servers. 

    By Sept. 28, 2021
  • Image attribution tooltip
    Max Pixel

    25% of providers saw mortality rates rise after ransomware attacks, survey finds

    This study of health delivery organizations is one of the first finding a direct impact on patient care. It comes roughly a year after a patient in Germany died as a result of delayed care following a ransomware attack.

    By Rebecca Pifer • Sept. 27, 2021
  • Image attribution tooltip
    Mark Wilson via Getty Images

    Ripple effects from a cyber incident take a year to develop: report

    Organizations are likely to both generate and suffer the downstream consequences of cyber incidents because of the technological reliance companies have on one another.

    By Sept. 27, 2021
  • Image attribution tooltip
    Sean Gallup via Getty Images

    Ransomware compromises customer data in farm co-op attack

    A Minnesota-based co-op became the second agricultural firm in recent days to be the target of ransomware, just weeks after the FBI and CISA warned of a wider threat to the industry.

    By Updated Sept. 24, 2021