The MOVEit spree is as bad as — or worse than — you think it is

The mass exploit has compromised more than 600 organizations, but that only scratches the surface of the potential number of downstream victims. Security experts project years of fallout.

By Matt Kapko • Aug. 9, 2023

Threat actors abuse valid accounts using manual tactics, CrowdStrike says

The research underscores the outsized role and prevalence of legitimate credentials as an entry point for cyberattacks.

By Matt Kapko • Aug. 8, 2023

Explore the Trendline➔

Top 5 stories from Cybersecurity Dive

tk

By Cybersecurity Dive staff

Ransomware attack on Prospect Medical Holdings impacts hospitals across 4 states

Multiple hospitals in the system are still experiencing complications or closures as of Monday.

By Matt Kapko • Aug. 7, 2023

White House rolls out millions in funding to combat K-12 cyberattacks

Federal officials are meeting with key administrators and technology providers to address a surge in ransomware and other malicious activity facing K-12 schools.

By David Jones • Aug. 7, 2023

Poor access management besets most cloud compromises, Google says

The prevalence of systems with weak access controls underscores a chronic security problem for organizations storing data in the cloud.

By Matt Kapko • Aug. 3, 2023

Hot Topic hit by automated credential stuffing attack spree

The U.S. retail chain doesn’t yet know what personal information was compromised or accessed by the threat actor.

By Matt Kapko • Aug. 2, 2023

Tempur Sealy responding to cyberattack that disrupted operations

The attack occurred almost two months after the company signed an agreement to acquire Mattress Firm, which will position it as one of the world's largest mattress manufacturers.

By Matt Kapko • Aug. 1, 2023

Reddit names seasoned IT security leader as new CISO

The hire of Fredrick “Flee” Lee comes about six months after hackers obtained company data and source code via a sophisticated phishing attack.

By David Jones • July 31, 2023

Valid account credentials are behind most cyber intrusions, CISA finds

The success rate of these techniques underscores the staying power of the most common methods threat actors use to gain initial access to targeted systems.

By Matt Kapko • July 28, 2023

Mandiant finds no evidence of data or cryptocurrency theft in JumpCloud attack

The incident response firm only has insights into one of a handful of downstream victims, but the research suggests the damage may be limited.

By Matt Kapko • July 26, 2023

Average cost of healthcare data breach reaches $11M, report finds

The sector continues to be the most expensive industry for data breaches, with costs increasing 53% since 2020.

By Emily Olsen • July 25, 2023

Investigations are causing data breach costs to skyrocket, IBM finds

Organizations are under mounting pressure to conduct more thorough investigations as the complexity of data breaches grow.

By Matt Kapko • July 24, 2023

Citrix zero day exposes critical infrastructure, one provider hit

Researchers warn thousands of the Citrix NetScaler devices remain vulnerable to attack.

By David Jones • July 24, 2023

Microsoft attackers may have data access beyond Outlook, researchers warn

Microsoft is pushing back on claims by Wiz that compromised private encryption keys may have exposed SharePoint, Teams and OneDrive data to an APT actor.

By David Jones • July 21, 2023

JumpCloud cyberattack hits up to 5 customers, 10 devices

Security researchers attributed the highly targeted attack to a cryptocurrency-seeking APT actor linked to the North Korean government.

By Matt Kapko • July 20, 2023

DDoS attacks, growing more sophisticated, surged in Q2

One of the more serious incidents used a Mirai-variant botnet to unleash an ACK flood DDoS attack that peaked at 1.4 terabits per second, Cloudflare found.

By David Jones • July 19, 2023

Estée Lauder takes down some systems following cyberattack

ALPHV, the ransomware threat actor taking credit for the attack, threatened to reveal more information about the data it claims to have stolen.

By Matt Kapko • July 19, 2023

GoTo, parent company to LastPass, names new CISO

The change in security leadership comes months after the third-party cloud storage service GoTo shares with LastPass was breached.

By Matt Kapko • July 19, 2023

UKG agrees to pay up to $6M in lawsuit tied to 2021 breach

The payroll services provider reached an agreement to settle a class action lawsuit tied to a ransomware attack that targeted its Kronos Private Cloud service.

By Matt Kapko • July 18, 2023

Cyberattack compromised JumpCloud customer environments

The gap between the intrusion and confirmed customer impact suggests the threat actor had access to JumpCloud’s systems for almost two weeks.

By Matt Kapko • Updated July 17, 2023

Microsoft hardens key issuance systems after state-backed hackers breach Outlook accounts

The China-linked group, which Microsoft calls Storm-1558, has adopted new techniques after it took steps to disrupt their recent hacking activity.

By David Jones • July 17, 2023

Block known breached passwords from your active directory

99% of users reuse passwords, here's how to keep the breached ones out of your Active Directory

July 17, 2023

MOVEit mass exploit timeline: How the file-transfer service attacks entangled victims

The slow-moving disaster has ensnared some of the world's largest enterprises. Cybersecurity experts expect further damage to come.

By Matt Kapko • July 14, 2023

Microsoft warns China-linked APT actor hacked US agency, other email accounts

U.S. officials alerted Microsoft about what emerged as a targeted, monthlong hacking campaign.

By David Jones • July 12, 2023

RomCom uses Word documents in new phishing campaign, Microsoft warns

The hackers are known to use trojanized versions of legitimate software from Adobe, SolarWinds, KeePass and others.

By David Jones • July 12, 2023