Cyberattacks: Page 2

Attackers used password spraying, guessing in SolarWinds hack

As experts investigate the damage, the latest CISA update points to a constant in cybersecurity: weak passwords.

By Samantha Schwartz • Jan. 11, 2021

Chris Krebs, Alex Stamos join SolarWinds for hack cleanup

SolarWinds has tapped two high-profile and outspoken security experts to guide its efforts to evolve into a more secure software development company.

By Samantha Schwartz • Jan. 08, 2021

Report: Officials investigating possible role of SolarWinds' vendor in compromise

The investigation is centered around whether JetBrains' software development tools are a conduit for compromise. The company has said it is unaware of the investigation. 

By Samantha Schwartz • Jan. 07, 2021

SolarWinds attack leads to renewed focus on IT relationships with corporate boards

Corporate governance and cybersecurity experts say IT officials need to clearly and regularly communicate potential risks and liabilities ahead of the next crisis. 

By David Jones • Jan. 07, 2021

Federal task force says Russia likely actor behind SolarWinds attack

As investigations continue, agencies are working to preserve private-sector trust.

By David Jones , Samantha Schwartz • Jan. 05, 2021

Healthcare cyberattacks spiked 45% since November, report finds

While most ransomware has a broad sector target, Check Point found Ryuk is tailored toward targets in the healthcare industry.

By Samantha Schwartz • Jan. 05, 2021

Fast-growing gaming industry faces rising threat of account compromise

A report from KELA shows one million compromised accounts and thousands of leaked employee credentials in underground markets. 

By David Jones • Jan. 05, 2021

Full impact of SolarWinds attack begins to emerge across tech sector, federal agencies

Several leading technology companies and other organizations are evaluating the impact of the SolarWinds breach and other recent nation-state attacks. 

By David Jones • Dec. 23, 2020

Biden says US must treat cyberattacks with same 'seriousness of purpose' as weapons

As the president-elect prepares to take office in January, his administration faces one of the largest hacks on federal agencies. 

By Samantha Schwartz • Dec. 23, 2020

SolarWinds breach reminds companies to be proactive in managing trust, disclosure

Legal and forensics experts warn CISOs about supply chain monitoring and transparency amid fallout from historic attack. 

By David Jones • Dec. 22, 2020

New Orleans leaders share lessons from 2019 cyberattack

CIO Kimberly LaGrue said early preparations were key to preventing disaster and recovering without paying a ransom to the hackers.

By Chris Teale • Dec. 21, 2020

Tracking SolarWinds cyberattack fallout, play-by-play

As more companies are discovering impact from the SolarWinds hack, attention is turning toward far-reaching supply chain vulnerabilities. 

By Samantha Schwartz , David Jones , Naomi Eide , Katie Malone • UPDATED: Jan. 4, 2021 at 10:18 a.m.

CISA warns of more backdoors beyond SolarWinds Orion

The extent of compromised data is not disclosed. What is clear? Threat actors relied on the supply chain for widespread access.

By Samantha Schwartz • Dec. 17, 2020

Federal agencies fall short on cybersecurity, undermining standards

The SolarWinds hack could change how industry coordinates response to future cyberattacks.

By Samantha Schwartz • Dec. 17, 2020

FDIC, OCC proposal would give banks 36 hours to report cyberattacks

Under the proposal, a bank's technology vendor would have to immediately notify customers if an incident disrupted services for four hours or more.

By Dan Ennis • Dec. 17, 2020

FireEye killswitch stops SolarWinds hack

After identifying the supply chain attack against SolarWinds, the security firm partnered with Microsoft and GoDaddy to block malware from further operation.

By David Jones • Dec. 16, 2020

Microsoft to begin blocking binaries linked to SolarWinds cyberattack

Microsoft Defender Antivirus will quarantine the trojan before it can begin processing, though the company said "it may not be simple to remove the product from service."

By Samantha Schwartz • Dec. 16, 2020

SolarWinds Orion vulnerability: What security teams need to know

As SolarWinds and investigators seek answers on the extent of the Orion vulnerability's impact, experts say the attack raises broader questions about readiness.

By David Jones • Dec. 15, 2020

SolarWinds Orion flaw linked to government cyberattacks

The Cybersecurity and Infrastructure Agency called on all federal civilian agencies to review their networks for evidence of compromise and to disconnect or power off SolarWinds Orion products immediately. 

By David Jones • Dec. 14, 2020

Federal agencies warn of heightened cyberthreats against K-12 schools

Cyberattackers are trying to steal data and disrupt remote learning as COVID-19 continues to impact schools, the FBI, CISA and MS-ISAC said. 

By David Jones • Dec. 11, 2020

Vendor ransomware attack disrupts DSW's inventory management

The impact of cyberattacks on retailers and their vendors is even greater during this digital-first period brought on by the coronavirus pandemic.

By Emma Cosgrove • Dec. 10, 2020

COVID-19 vaccine data manipulated after leak, EU drug regulator says

The compromised data included vaccine information from the Pfizer and BioNTech COVID-19 vaccine, the regulator said.

By Samantha Schwartz • UPDATED: Jan. 15, 2021 at 12:33 p.m.

FireEye cyberattack leaves more questions than answers

If there is a crack in FireEye's defenses, it could allow attacks against companies under its protection, resulting in devastating supply chain attacks, experts say.

By Naomi Eide • Dec. 09, 2020

FireEye attacked by tailored, nation-state cyber effort, firm says

The attacked accessed FireEye's Red Team assessment tools, which the company used to test their customers' security.

By Katie Malone • Dec. 08, 2020

Kmart's reported ransomware attack highlights ongoing threat to retail

Egregor is emerging as growing cyberthreat as the pandemic shifts holiday shopping even further toward e-commerce.

By David Jones • Dec. 04, 2020