Cyberattacks: Page 2

With K-12 cyberattacks expected to worsen in 2022, what can districts do?

Collaboration with local, federal and ed tech leaders to find solutions may help address K-12's growing vulnerabilities to cyberattacks.

By Anna Merod • Jan. 26, 2022

Google Drive, OneDrive top cloud apps for malware delivery: report

Netskope's findings are based on blocked malware, so the hacker's attempts to get a user to open a malicious download were initially successful. 

By Samantha Schwartz • Jan. 12, 2022

Phishing lures await in Google Docs comments

Email addresses are hidden when someone mentions a user in a comment, so the human instinct to question the legitimacy of the notification decreases. 

By Samantha Schwartz • Jan. 10, 2022

C-suite leaders are confident in ransomware protections, despite more attacks

While it's important for non-IT and security leaders to have buy-in, CISOs have the responsibility to level with their C-suite counterparts on the true threat of ransomware, (ISC)² research shows.

By Samantha Schwartz • Jan. 5, 2022

One year later: Has SolarWinds changed how industry builds software?

The SolarWinds hack caused government and industry leaders to rethink how software is made and secured, giving rise to close scrutiny of the software supply chain.

By Samantha Schwartz • Dec. 14, 2021

Cyberattacks keep targeting colleges. How can they protect themselves?

Higher ed's sprawling systems mean cybersecurity doesn't come easy — or cheap. But smart strategies and thinking through risk can go a long way.

By Liz Farmer • Dec. 9, 2021

A month after 'malicious' cyberattack, a small Colorado utility still doesn't have all systems back online

Delta-Montrose Electric Association is still working to restore its payment and billing systems. Security experts say the recovery time points to a need for better backups.

By Robert Walton • Dec. 7, 2021

Cuba ransomware targets critical infrastructure, steals $44M in payments

The threat actors compromised at least 49 organizations across the financial, government, healthcare, manufacturing, and information technology sectors. 

By Samantha Schwartz • Dec. 6, 2021

Marriott is still covering — and recovering — expenses from its 2018 data breach

The hotel has seen an increase in renewal costs for its cyber insurance "over the last several years," the company said. 

By Samantha Schwartz • Dec. 1, 2021

Majority of US retailers, critical infrastructure unscathed after holiday cyber warnings

Industry averted a major cyber incident amid warnings from the FBI and CISA, though home furnishings retailer Ikea fought to contain a sophisticated phishing attack.

By David Jones • Nov. 30, 2021

2 community colleges close to recover from cyberattacks

Lewis and Clark Community College and Butler County Community College are closing their campuses as they restore their servers and systems.

By Natalie Schwartz • Nov. 30, 2021

DDoS threats linger as peak holiday shopping begins

Slow or crashing websites can stem from failure to prepare, an unexpected bug or a denial-of-service attack, which have grown more severe this year, Cloudflare's Patrick Donahue said. 

By Samantha Schwartz • Nov. 24, 2021

GoDaddy breach raises questions about how to secure identity in the enterprise

More than one million current and former WordPress customers had their data exposed by the attack, which could expose organizations to downstream phishing attacks and ransomware, security researchers said.

By David Jones • Updated Nov. 24, 2021

Recovering ransom payments could become routine for law enforcement

Backed by blockchain analysts and crypto-tracers, law enforcement agencies want to become more proficient in seizing ransomware-related funds.

By Samantha Schwartz • Nov. 23, 2021

FBI justifies its decision to withhold Kaseya decryptor

The law enforcement agency prioritized the long-term benefits of a delay over the immediate decryption key release.

By Samantha Schwartz • Nov. 17, 2021

Sinclair Broadcast still assessing financial impact of ransomware attack

While the news provider maintains cyber insurance to cover losses related to security risk and business interruption, such policies may not be enough to cover the losses, President and CEO Chris Ripley said.

By David Jones • Nov. 4, 2021

SolarWinds threat actor targets cloud services, Microsoft 365 mailboxes

The threat actor is using a tactic called EWS impersonation to target mailboxes in Microsoft 365 and is also using cloud service providers to target end users, Mandiant researchers said. 

By David Jones • Nov. 1, 2021

The most 'anxiety-inducing' cyberattacks of 2021 for IT and security

"PrintNightmare is just like the flipping gift that keeps on giving," Jason Slagle of CNWR IT Consultants said. "You can get popped by it, and then literally every week there's some sort of update." 

By Samantha Schwartz • Oct. 29, 2021

Identity crisis: Why ransomware groups rebrand — and disappear

Criminals are not known for telling the truth, but what they say is usually the only explanation for a disappearance. Even if it is a lie.

By Samantha Schwartz • Oct. 28, 2021

SolarWinds threat actor targeted IT service providers in thousands of attacks, Microsoft says

The campaign from the Russian nation-state threat actor Nobelium was caught early, but there were at least 14 compromises involving password spraying and phishing to gain access.

By Samantha Schwartz • Oct. 25, 2021

How businesses are tackling fraud in a digital-first reality

With digital transactions and eCommerce continuing to grow in volume, successfully taking on fraud will require businesses to explore and rely on new tools and technologies.

Oct. 25, 2021

Sinclair Broadcast becomes latest media group to face ransomware attack

Researchers linked the incident that disrupted weekend broadcasts to Evil Corp., which used a ransomware strain associated with WastedLocker.

By David Jones • Updated Oct. 21, 2021

The public needs to understand what's at stake with cyberattacks, DHS adviser says

The Colonial Pipeline cyberattack was a "crisis of communication" between the company and consumers, Homeland Security Adviser Suzanne Spaulding said.

By Samantha Schwartz • Oct. 15, 2021

Users have bad security habits. What can businesses do?

"As strange as it sounds, in the case of a security incident in the enterprise, you can't blame the user," Bitdefender's Alex "Jay" Balan said. 

By Samantha Schwartz • Oct. 14, 2021

How to secure the enterprise against REvil-style attacks

There is no way to fully protect against advanced attacks such as zero-day vulnerabilities or nation-state threats — responding quickly is critical to minimizing damage.

By Chris Silva • Oct. 12, 2021