Clorox to restart ERP upgrade as it looks past August cyberattack

With the company out of recovery mode, teams are looking to advance on digital transformation projects. 

By Lindsey Wilkinson • June 11, 2024

100 Snowflake customers attacked, data stolen for extortion

A financially-motivated attacker used stolen credentials to systematically compromise customer accounts, steal a significant volume of data and extort victims, Mandiant said.

By Matt Kapko • June 10, 2024

Explore the Trendline➔

Top 5 stories from Cybersecurity Dive

A wave of rules, regulations and federal action is putting pressure on businesses to shore up security amid a backdrop of emboldened threat actors has a nice ring to it.

By Cybersecurity Dive staff

Frontier Communications says cyberattack snagged data from 751,000 people

The breach notifications come almost two months after the company initially disclosed the April attack.

By David Jones • June 7, 2024

Cyberattacks pose mounting risks to creditworthiness: Moody’s

“As more data becomes available — thanks to recently adopted disclosure requirements — attacks continue to proliferate,” a Moody’s executive said.

By Jim Tyson • June 6, 2024

Pressure mounts on Snowflake and its customers as attacks spread

More businesses are likely impacted by an attacker’s access to multiple Snowflake customer databases.

By Matt Kapko • June 6, 2024

CVE exploits, stolen credentials fueled ransomware surge in 2023

Data leak site posts increased 75% to 4,520 posts in 2023, Mandiant said in a report.

By Matt Kapko • June 4, 2024

Snowflake customers caught in identity-based attack spree

Cyber authorities and researchers warn many major companies could be compromised by the targeted attacks against Snowflake customer environments.

By Matt Kapko • June 3, 2024

Live Nation confirms jumbo breach, Ticketmaster customer data exposed

The live concert and entertainment giant disclosed the compromise days after reports began surfacing of a data breach. The company said it detected the intrusion on May 20.

By Matt Kapko • June 3, 2024

Securing your call centers: Best practices for cybersecurity protection

All call centers face cybersecurity threats because they handle information like credit card numbers, health records, and personal purchase history. However, call centers that support federal agencies have the added risk of handling highly sensitive information, making them prime targets for cybercriminals.

By Jerry Dotson, Vice President of Public Sector, Avaya • June 3, 2024

Utilities saw fewer Q1 ransomware attacks than other sectors. A Dragos analyst explains why.

Electric companies worldwide experienced one ransomware attack in Q1, compared with 25 in the transportation sector and 106 in manufacturing, according to Dragos, but analysts warn against utilities getting complacent.

By Robert Walton • May 31, 2024

First American says personal data of 44K breached in December cyberattack

The company previously said the attack had a material impact on Q4 operations, but would not have a significant long-term impact on results.

By David Jones • May 29, 2024

Microsoft president set to testify before Congress on ‘security shortcomings’

After the tech giant asked for more time, Brad Smith will now testify before the House Committee on Homeland Security on June 13.

By Matt Kapko • May 22, 2024

Providers urge HHS to clarify Change data breach reporting requirements

More than 50 provider groups are asking the federal government to publicly state that UnitedHealth should handle data breach reporting stemming from the cyberattack on its subsidiary.

By Emily Olsen • May 22, 2024

EPA to ramp up enforcement as most water utilities lack cyber safeguards

The agency may consider taking civil and criminal penalties against utilities following months of attacks against drinking and wastewater treatment facilities.

By David Jones • May 21, 2024

Microsoft warns of hacker misusing Quick Assist in Black Basta ransomware attacks

Threat researchers say a financially-motivated attacker has deployed the tool in social-engineering attacks since April.

By David Jones • May 17, 2024

Remote-access tools the intrusion point to blame for most ransomware attacks

Self-managed VPNs from Cisco and Citrix were 11 times more likely to be linked to a ransomware attack last year, At-Bay research found.

By Matt Kapko • May 16, 2024

Black Basta ransomware is toying with critical infrastructure providers, authorities say

The threat group has impacted more than 500 targets worldwide and the vast majority of critical infrastructure sectors.  Numerous attacks have exploited vulnerabilities in ConnectWise ScreenConnect.

By David Jones • May 13, 2024

Some Ascension hospitals diverting emergency care after cybersecurity incident

The health system’s electronic health records, MyChart patient portal and several systems for ordering tests and medications are unavailable, Ascension said.

By Emily Olsen • May 10, 2024

Ascension hit by cybersecurity incident disrupting clinical operations

The major nonprofit health system detected “unusual activity” on some network systems Wednesday.

By Emily Olsen • May 9, 2024

China-linked attackers are successfully targeting network security devices, worrying officials

Espionage groups linked to China are heavily exploiting zero days, focusing on devices that lack endpoint detection and response capabilities, one expert said.

By Matt Kapko • May 7, 2024

Change Healthcare cyberattack: 5 technical takeaways from UnitedHealth CEO’s testimony

Change Healthcare was running on legacy technology, which magnified the ransomware attack’s impact and hampered recovery efforts, Andrew Witty said.

By Matt Kapko • May 6, 2024

Clorox lowers sales outlook as recovery from 2023 cyberattack continues

The cleaning products maker is still working to fully restore distribution capabilities after the attack.

By David Jones • May 3, 2024

Every Dropbox Sign user, account holders or not, stung in cyberattack

An attacker intruded the electronic signature platform’s production environment and accessed a trove of user data, including OAuth tokens.

By Matt Kapko • May 2, 2024

Congress grills UnitedHealth CEO over Change cyberattack

Legislators slammed Andrew Witty over the company’s lack of cybersecurity practices and the impact of the breach, which may have compromised the data of a third of Americans.

By Emily Olsen • May 2, 2024

Change Healthcare, compromised by stolen credentials, did not have MFA turned on

AlphV deployed ransomware nine days after it used access to a Citrix portal on Change’s network to move laterally within systems, CEO Andrew Witty said in testimony prepared for a House subcommittee hearing set for Wednesday.

By Matt Kapko • April 30, 2024