Threat data sharing considered critical to defense amid rise in sophisticated attacks: report

A Ponemon Institute study shows the value of actionable data as lawmakers and the Biden administration work to encourage intelligence sharing. 

By David Jones • March 24, 2021

SolarWinds threat actors accessing Microsoft 365 by altering permissions

Mandiant observed a threat actor linked to the SolarWinds campaign using a stealthy approach to read email in targeted mailboxes.

By David Jones • March 22, 2021

Explore the Trendline➔

Top 5 stories from Cybersecurity Dive

tk

By Cybersecurity Dive staff

Microsoft Exchange fixes arrive, but some companies lack IT resources to repair

Security specialists and managed-service providers are filling the void at thousands of small firms that operate with limited IT and cybersecurity staffing. 

By David Jones • March 19, 2021

SolarWinds compromise leaves Senate questioning agency cyber defenses

Existing cyber defense programs fell short in detecting and defending U.S. agencies, a shortcoming that exacerbated SolarWinds fallout.

By Samantha Schwartz • March 19, 2021

Mimecast migrates to Cisco following supply chain attack

A forensic investigation with FireEye's Mandiant unit confirmed the SolarWinds threat actor did not modify Mimecast's source code.

By David Jones • March 17, 2021

SolarWinds rethinks software builds, weeds out code disparities

An attacker would have to compromise two different environments to achieve the same attack on the same code if a company has reproducibility.

By Samantha Schwartz • March 17, 2021

Ransomware targeting Microsoft Exchange echoes WannaCry — with a human element

This isn't the first time nation-state exploit kits were released and other bad actors took advantage.

By Samantha Schwartz • March 16, 2021

White House looks to tighten private sector coordination, gain infrastructure insight

Following the Microsoft Exchange and SolarWinds attacks, the Biden administration is taking steps to close visibility gaps and encourage rapid intelligence sharing by private sector companies. 

By David Jones • March 15, 2021

Post-SolarWinds, IT departments increase vendor scrutiny

It's still too soon to know the hack's full impact on IT, but so far, security experts report changing relationships with third-party vendors.

By Katie Malone • March 15, 2021

Microsoft deploys more updates to contain Exchange server fallout

The FBI and CISA are warning of additional threats from nation states and threat actors as patching and security updates leave many vulnerable companies exposed. 

By David Jones • March 12, 2021

DearCry ransomware latching onto Exchange hack, Microsoft says

Patching is the only answer — for now.

By Samantha Schwartz • March 12, 2021

Enterprises scramble to secure Microsoft Exchange as cybercriminals rush in

Researchers fear, more than two months after the threat was discovered, criminal hackers have had plenty of time to loot data or plant undetected seeds of compromise.

By David Jones • March 10, 2021

55% of healthcare breaches feature ransomware: report

The healthcare industry is a favored target by cybercriminals: Hospitals cannot tolerate downtime or put off emergency patient care.

By Samantha Schwartz • March 10, 2021

63% of security professionals, execs concerned with SolarWinds hack, survey finds

Before companies overhaul the typical process for building and securing software, SOCs have to figure out if they were a collateral victim of a supply chain hack.

By Samantha Schwartz • March 9, 2021

Microsoft Exchange server compromise escalates as mitigation efforts fall short

Officials warn that patching may not fix compromised systems, while tens of thousands of customers are potentially at risk.

By David Jones • March 8, 2021

3 new malware strains show persistence, sophistication of SolarWinds actor

The malware strains, identified by Microsoft, were used in targeted, late-stage attacks to compromise a select number of companies last year. 

By David Jones • March 5, 2021

Qualys confirms data breach related to Accellion after documents leak

The cloud security firm retained FireEye and insists the breach had no impact on production environments or its code base.

By David Jones • March 4, 2021

Malicious email campaigns target business platforms following remote work surge

Phishing attacks are more becoming targeted, less frequent and use PII to harvest credentials.

By David Jones • March 4, 2021

4 questions to ask after discovering a cyberattack

Identifying signs of an ongoing attack or backdoor deployment is nearly impossible for digital laggards.

By Samantha Schwartz • March 4, 2021

UHS estimates Ryuk ransomware damage cost at $67M

Coding and billing functions were delayed into December, impacting the operating cash flows in Q4, the healthcare organization said.

By Samantha Schwartz • March 2, 2021

Google Cloud enters cyber insurance collaboration with Allianz, Munich Re

The agreement comes amid increased financial pressure on the cyber insurance industry due to a rise in ransomware and the historic nation-state attack against SolarWinds.

By David Jones • March 2, 2021

SolarWinds missed early security warnings

Lawmakers scrutinized SolarWinds' security practices, including its use of "solarwinds123" as a password, a lapse blamed on a former intern. 

By David Jones • March 1, 2021

SolarWinds execs warn of short-term impacts from cyberattack, as renewal rates slow

The company will incur up to $25 million in security-related expenses and declined to provide a full-year earnings outlook.

By David Jones • Feb. 26, 2021

FireEye identifies 2 threat activity clusters behind Accellion hack

The security firm has labeled one activity cluster for exploiting the FTA vulnerabilities and the other for extortion.

By Samantha Schwartz • Feb. 23, 2021

Microsoft says it was not a SolarWinds attack vector, after completing internal probe

The company confirmed limited amounts of source code for Azure, Exchange and Intune were downloaded.

By David Jones • Feb. 19, 2021