Cyberattacks


  • A black U.S. Environmental Protection Agency sign on a tan building and placed next to glass double-doors.
    Image attribution tooltip
    Sara Samora/Cybersecurity Dive
    Image attribution tooltip

    American Water Works reconnecting systems a week after cyberattack

    The water utility said there is no evidence of damage to its facilities, but law enforcement and forensic experts are still investigating. 

    By Oct. 11, 2024
  • Building Exterior with Marriott sign
    Image attribution tooltip
    Justin Sullivan via Getty Images
    Image attribution tooltip

    FTC settles yearslong investigation into Marriott’s ‘security failures’

    The settlement caps a pattern of major data breaches at Marriott and its subsidiary Starwood Hotels and Resorts Worldwide over the last decade.

    By Oct. 10, 2024
  • An abstract photo copy background in black and white. Explore the Trendline
    Image attribution tooltip
    BNMK0819 via Getty Images
    Image attribution tooltip
    Trendline

    Top 5 stories from Cybersecurity Dive

    A wave of rules, regulations and federal action is putting pressure on businesses to shore up security amid a backdrop of emboldened threat actors has a nice ring to it.

    By Cybersecurity Dive staff
  • Rendering of digital data code in safety security technology concept.
    Image attribution tooltip
    iStock/Getty Images Plus via Getty Images
    Image attribution tooltip

    Trio of Ivanti CSA zero-day vulnerabilities under exploit threat

    The latest round of exploitation follows more than three weeks of CVE disclosures involving various Ivanti products. 

    By Oct. 9, 2024
  • Money moving through cyberspace.
    Image attribution tooltip
    Viorika via Getty Images
    Image attribution tooltip

    MoneyGram attack exposed a trove of sensitive customer data

    The attack led to a days-long outage in September. The money transfer firm hasn’t described the nature of the incident or said how many people are impacted.

    By Oct. 9, 2024
  • ADT sign outside of a private home
    Image attribution tooltip
    Joe Raedle via Getty Images
    Image attribution tooltip

    ADT employee account data stolen in cyberattack

    The alarm system company said an attacker accessed its network with compromised credentials obtained from an unnamed third party.

    By Oct. 8, 2024
  • A facade of the U.S. Environmental Protection Agency signage on the wall of its building
    Image attribution tooltip
    Joe Cicak via Getty Images
    Image attribution tooltip

    American Water Works investigates unauthorized cyber intrusion

    The New Jersey-based utility said none of its water or wastewater operations were impacted by the hack.

    By Oct. 7, 2024
  • Cyberhackers-Ransomware
    Image attribution tooltip
    (Gorodenkoff) via Getty Images
    Image attribution tooltip

    Ivanti up against another attack spree as hackers target its endpoint manager

    Ivanti customers are facing a new series of exploitation attempts after the company pledged in April to launch a comprehensive overhaul of its internal security practices.

    By Oct. 3, 2024
  • Matrix background of blurred programming code.
    Image attribution tooltip
    Getty Plus via Getty Images
    Image attribution tooltip

    Two-thirds of healthcare organizations hit by ransomware in past year: survey

    Nearly 40% of healthcare organizations reported it took more than a month to recover after an attack, according to the survey by cybersecurity firm Sophos.

    By Emily Olsen • Oct. 2, 2024
  • Illustrated man with fishing hook stealing key
    Image attribution tooltip
    stefanovsky via Getty Images
    Image attribution tooltip

    Phishing remains cloud intrusion tactic of choice for threat groups

    The long-lasting effectiveness and success of phishing campaigns underscores the most central challenge in cybersecurity — people are the weakest link.

    By Oct. 2, 2024
  • People enjoy the warm weather outside the White House on April 28, 2024 in Washington, DC.
    Image attribution tooltip
    Kent Nishimura via Getty Images
    Image attribution tooltip

    Ransomware attacks surge despite international enforcement effort

    Progress remains elusive as federal authorities point to ransomware payments inhibiting progress to reduce the volume and impact of attacks.

    By Oct. 1, 2024
  • MoneyGram telephone sits on store counter.
    Image attribution tooltip
    Retrieved from Lynne Marek on March 04, 2022
    Image attribution tooltip

    MoneyGram faces backlog after cyberattack

    The international wire transfer company has restarted some services since the incident, but is battling to fulfill transactions after taking its systems offline for much of the week.

    By Lynne Marek • Sept. 27, 2024
  • Abstract black and white monochrome art with surreal funnel.
    Image attribution tooltip
    Philipp Tur/Getty Images Plus via Getty Images
    Image attribution tooltip

    Major companies keep hiring North Korean IT workers

    Dozens of Fortune 100 organizations have inadvertently hired workers from North Korea applying for remote jobs, Mandiant said.

    By Sept. 24, 2024
  • A person in a grey sweater hovers over a laptop with their hands.
    Image attribution tooltip
    mapo via Getty Images
    Image attribution tooltip

    Cybersecurity firm flags attack on construction accounting system

    Users of Foundation Software, which serves 43,000 construction pros, may be at risk of intrusion if they still use default credentials, according to cybersecurity firm Huntress.

    By Matthew Thibault • Sept. 20, 2024
  • View of the Seattle skyline
    Image attribution tooltip
    Abbie Parr/Getty Images via Getty Images
    Image attribution tooltip

    Port of Seattle official flags a cyber dilemma, ‘one-way street’ with federal agencies

    A ransomware atttack disrupted the Seattle-Tacoma International Airport for weeks. Part of the problem, one official said, is that federal cyber recommendations are not timely.

    By Sept. 19, 2024
  • FBI Director Chris Wray announces a major operation to disrupt a state-linked botnet, during a speech the Aspen Cyber Summit, Sept. 18, 2024.
    Image attribution tooltip
    Permission granted by Aspen Cyber Summit, Laurence Genon
    Image attribution tooltip

    US authorities take down a Mirai-variant botnet tied to DDoS threat

    An FBI-led operation to disrupt a China-linked botnet comes months after a similar operation in January linked to Volt Typhoon.

    By Sept. 19, 2024
  • The red lock and its structure explode in a digital computer setting.
    Image attribution tooltip
    TU IS via Getty Images
    Image attribution tooltip

    Suffolk County ransomware attack linked to lack of planning, ignored warnings

    A special report blames county officials for ignoring FBI warnings during the 2022 attack and an overall failure of IT and security leadership.

    By Sept. 18, 2024
  • A man walks with an umbrella in front of AT&T logo.
    Image attribution tooltip
    Ronald Martinez via Getty Images
    Image attribution tooltip

    AT&T settles a 2023 data breach for $13M. Recent incidents are much worse.

    Telecom cybersecurity remains a challenge with widespread impacts. AT&T is not alone in experiencing a pattern of extensive breaches exposing customer data.

    By Sept. 18, 2024
  • Hand grabbing password out of blurred code.
    Image attribution tooltip
    LuisPortugal/Getty Images Plus via Getty Images
    Image attribution tooltip

    Valid accounts remain top access point for critical infrastructure attacks, officials say

    CISA attributed 2 in 5 successful intrusions to valid account abuse last year, but that is down from 2022.

    By Sept. 17, 2024
  • An image of a digital lock is shown
    Image attribution tooltip
    Just_Super via Getty Images
    Image attribution tooltip

    Hackers exploit CVE in older versions of Ivanti Cloud Service Appliance

    Version 4.6 has reached end of life and the company is urging customers to upgrade to version 5.0 to receive support.

    By Sept. 16, 2024
  • Image attribution tooltip
    David Ryder via Getty Images
    Image attribution tooltip

    Port of Seattle officials pin attack, data theft to Rhysida ransomware group

    The port restored most of the systems impacted by the ransomware attack as officials warn their refusal to pay extortion demand could result in data leaks.

    By Sept. 16, 2024
  • Fortinet office in Nepean, Canada.
    Image attribution tooltip
    iStock Editorial / Getty Images Plus via Getty Images
    Image attribution tooltip

    Fortinet customer data stolen from third-party file-sharing service

    The breach marks yet another attack originating in a file-sharing or -transfer service, a common and highly damaging attack vector for opportunistic cybercriminals.

    By Sept. 13, 2024
  • Illustration of locks layered above circuity.
    Image attribution tooltip
    Traitov/iStock/Getty via Getty Images
    Image attribution tooltip

    SonicWall firewall CVE exploits linked to ransomware attacks

    Active exploits aimed at firewalls mark yet another string of attacks targeting devices with high-value initial access, researchers said.

    By Sept. 10, 2024
  • Interior of Progress Software's office in Rotterdam, Netherlands.
    Image attribution tooltip
    Retrieved from Progress Software on January 18, 2024
    Image attribution tooltip

    MOVEit victims are still coming forward. This time it’s Wisconsin Medicare.

    The delayed notifications underscore the difficulty organizations confront in discovering breaches and attributing compromises to a root cause or source.

    By Sept. 9, 2024
  • FBI seal displayed on a wall
    Image attribution tooltip
    Chip Somodevilla/Getty Images via Getty Images
    Image attribution tooltip

    Feds warn of broad Russia-linked CVE exploits targeting critical infrastructure

    Attackers operating under the direction of Russia’s military intelligence service are targeting governments, finance, transportation, energy and healthcare.

    By Sept. 6, 2024
  • a close up of a computer chip implanted on a silicon board
    Image attribution tooltip
    SweetBunFactory via Getty Images
    Image attribution tooltip

    Microchip Technology says its data was stolen amid alleged leaks online

    The chipmaker said an unidentified attacker stole employee contact information and some encrypted and hashed passwords.

    By Sept. 5, 2024