CISA director pushes for vendor accountability and less emphasis on victims’ errors

Stakeholders need to address why vendors are delivering products with common vulnerabilities, which account for the majority of attacks, Jen Easterly said.

By Matt Kapko • April 25, 2024

Zero-day exploits hit CrushFTP, researchers expect rapid exploitation

CrushFTP CEO Ben Spink said the company isn’t aware of any data theft thus far, but researchers see echoes of MOVEit exploits and other high-profile file-transfer vulnerabilities.

By Matt Kapko • April 24, 2024

Explore the Trendline➔

Top 5 stories from Cybersecurity Dive

A wave of rules, regulations and federal action is putting pressure on businesses to shore up security amid a backdrop of emboldened threat actors has a nice ring to it.

By Cybersecurity Dive staff

UnitedHealth admits it paid a ransom in Change Healthcare attack

The insurer also confirmed Monday that more than 20 screenshots of potentially stolen patient data were posted on the dark web for about a week.

By Emily Olsen • Updated April 24, 2024

Palo Alto Networks quibbles over impact of exploited, compromised firewalls

The security vendor downplayed the impact of exploit activity, describing most attempts as unsuccessful, but outside researchers say 6,000 devices are vulnerable.

By Matt Kapko • April 23, 2024

Mitre R&D network hit by Ivanti zero-day exploits

Exploits of Ivanti VPN products have hit roughly 1,700 organizations. To Mitre, guidance from the vendor and government fell short.

By Matt Kapko • April 22, 2024

Frontier Communications hit by cyberattack, IT systems impacted

The telecom provider said a cybercrime group intruded its IT infrastructure and gained access to PII. The operational disruption following its containment "could be considered material."

By Matt Kapko • April 19, 2024

Palo Alto Networks warns firewall exploits are spreading

Attempted exploits and attacks linked to the zero-day vulnerability, which has a CVSS of 10, grew after proof of concepts were released.

By Matt Kapko • April 18, 2024

Cisco Duo MFA codes exposed in third-party breach

About 1% of the MFA and single sign-on provider’s business customers are impacted. An attacker intruded the third-party vendor’s systems via phishing.

By Matt Kapko • April 16, 2024

UnitedHealth expects up to $1.6B hit from Change cyberattack this year

Investors on Tuesday got a clearer picture of the cyberattack's financial fallout on the healthcare juggernaut. Some said it wasn't as bad as they'd feared.

By Rebecca Pifer • April 16, 2024

Federal agencies caught sharing credentials with Microsoft over email

U.S. government agencies are in jeopardy of Russia-linked cyberattacks, and although CISA isn’t aware of any compromised environments, officials warn the risk is exigent.

By Matt Kapko • April 12, 2024

Mandiant spots advanced exploit activity in Ivanti devices

The incident response firm identified eight threat groups targeting the remote access VPNs and observed evolved post-exploitation activity.

By Matt Kapko • April 9, 2024

Change Healthcare asks to consolidate dozens of cyberattack class-action lawsuits

Lawsuits against the UnitedHealth subsidiary are racking up following a cyberattack against the technology firm in late February.

By Emily Olsen • April 9, 2024

D-Link tells customers to sunset actively exploited storage devices

The networking hardware vendor advised owners of the affected devices to retire and replace them. There is no patch available for the vulnerability.

By Matt Kapko • April 8, 2024

Omni Hotels & Resorts hit by cyberattack

The hotel chain has been responding to the attack since March 29, when it shut down some of its systems.

By Noelle Mateer • April 8, 2024

Ivanti pledges security overhaul after critical vulnerabilities targeted in lengthy exploit spree

CEO Jeff Abbott said significant changes are underway. The beleaguered company committed to improve product security, share learnings and be more responsive to customers.

By David Jones • April 4, 2024

Microsoft Exchange state-linked hack entirely preventable, cyber review board finds

The technology giant’s corporate culture fell short on security investments and risk management, and needs significant reforms, according to a damning report by the U.S. Cyber Safety Review Board.

By David Jones • April 3, 2024

CISA asserts no data stolen during Ivanti-linked attack on the agency

Threat actors gained access to and potentially compromised two CISA systems weeks after the agency applied Ivanti’s initial mitigation measures.

By Matt Kapko • April 2, 2024

Hospital groups question HHS about data breach reporting after Change Healthcare attack

In a Thursday letter, the American Hospital Association urged the HHS’ Office of Civil Rights to reduce “duplicative” breach notifications from the cyberattack.

By Susanna Vogel • March 25, 2024

From silos to synergy: how IT-OT integration strengthens industrial cybersecurity

Disconnects between IT and OT teams hinder stronger cybersecurity; it’s time to flip the script. IT and OT teams hinder stronger cybersecurity; it’s time to flip the script.

By Qiang Huang, Vice President of product management, cloud delivered security services of Palo Alto Networks • March 25, 2024

Threat groups hit enterprise software, network infrastructure hard in 2023

Recorded Future observed an approximately threefold increase in actively exploited high-risk vulnerabilities in enterprise software and network infrastructure, such as VPNs.

By Matt Kapko • March 22, 2024

Novel variant of wiper linked to Viasat attack during Ukraine war raises new fears

Researchers at SentinelLabs warn the new variant, called AcidPour, could place IoT, networking devices at risk. 

By David Jones • March 22, 2024

Change Healthcare’s drawn-out recovery catches flak from cyber experts

At least 100 services remain offline four weeks after the UnitedHealth Group detected an intrusion in its medical claims clearinghouse. Experts say the impacts are unprecedented.

By Matt Kapko • March 21, 2024

Change Healthcare cyberattack could damage credit at small providers: Fitch

Smaller companies may already have worse credit ratings and could struggle with cash flow disruptions caused by the outage.

By Emily Olsen • March 21, 2024

Five Eyes implores critical infrastructure execs to take China-linked threats seriously

Officials are pushing tips to help potential victims detect and mitigate Volt Typhoon’s evasive techniques as the was warnings take on urgency.

By Matt Kapko • March 20, 2024

More warnings emerge about state-linked cyber threats to water infrastructure

The White House and EPA set an urgent virtual meeting with state homeland security and other top officials, citing efforts to boost the resiliency of drinking and wastewater treatment systems.

By David Jones • March 20, 2024