Microsoft to overhaul internal security practices after Midnight Blizzard attack

After Microsoft disclosed a state-sponsored actor stole data from senior executives, experts are raising questions about its security capabilities and practices.

By David Jones • Jan. 22, 2024

LoanDepot ransomware attack exposes data on almost 17M customers

The number of individuals impacted makes it the most widespread compromise of customer data in the spree of attacks targeting the real estate sector.

By Matt Kapko • Jan. 22, 2024

Explore the Trendline➔

Top 5 stories from Cybersecurity Dive

A wave of rules, regulations and federal action is putting pressure on businesses to shore up security amid a backdrop of emboldened threat actors has a nice ring to it.

By Cybersecurity Dive staff

Ivanti Connect Secure exploitation accelerates as Moody’s calls impact credit negative

A suspected state-linked hacker is manipulating an integrity tool used to check systems as customers still await an initial patch.

By David Jones • Jan. 19, 2024

Progress Software shakes off MOVEit’s financial consequences, maintains customers

Executives described the file-transfer service as one of its stronger performing products and said customers remain loyal.

By Matt Kapko • Jan. 18, 2024

Ivanti Connect Secure exploitation accelerates, 1,700 devices compromised worldwide

Researchers warn additional threat actors are actively working to take advantage of two chained together vulnerabilities.

By David Jones • Jan. 17, 2024

Wealthy countries boast superior cyber defenses

A nation’s economic prosperity is directly linked to greater defense capabilities, but no country is overachieving in cyber defense, according to SecurityScorecard.

By Matt Kapko • Jan. 17, 2024

Progress Software’s MOVEit meltdown: uncovering the fallout

Businesses use the file-transfer service because it checks the compliance boxes for keeping data safe. Though initial attacks were targeted, thousands of bystanding businesses were hit indiscriminately.

By Matt Kapko , Julia Himmel • Jan. 16, 2024

Elevated ransomware activity hit nearly 5,200 organizations in 2023

While ransomware activity remains high, the number of unique ransomware families used for these attacks decreased by more than half, Rapid7 researchers found.

By Matt Kapko • Jan. 12, 2024

Ivanti Connect Secure attacks part of deliberate espionage operation

Researchers warn the previously unknown actor has developed custom malware designed to maintain persistent access on targeted networks and evade detection.

By David Jones • Jan. 12, 2024

Ivanti Connect Secure devices face active exploitation, patch schedule staggered

Unauthenticated attackers can take control of systems by exploiting the zero days, which a suspected state-linked threat actor is chaining together. 

By David Jones • Jan. 11, 2024

5 cybersecurity trends to watch in 2024

Preventative measures remain woefully unmet, the scourge of ransomware is as bad as its ever been, and a wave of new incident reporting and compliance regulations are taking hold. Buckle up, 2024 is here.

By David Jones , Matt Kapko • Jan. 10, 2024

Fidelity National Financial cyberattack impacts up to 1.3M customers

While data was stolen and the company faces lawsuits, it does not consider the attack material to the business.

By David Jones • Jan. 10, 2024

DDoS attack traffic surged in 2023, Cloudflare finds

Elevated malicious DDoS activity coincided with mass exploits of the novel zero-day vulnerability HTTP/2 Rapid Reset, which threat actors used to launch DDoS attacks last year.

By Matt Kapko • Jan. 9, 2024

LoanDepot caught in mortgage industry cyberattack spree

The non-bank mortgage lender is the fourth major real estate industry organization hit by a cyberattack since late October.

By Matt Kapko • Jan. 8, 2024

Merck reaches settlement in closely watched NotPetya insurance case

The pharmaceutical giant previously won a New Jersey court decision involving $700 million of a $1.4 billion dispute over war-exclusions language related to the attack.

By David Jones • Jan. 8, 2024

Extent of a cyber specialist law firm’s data breach grows

A two-week long breach exposed a trove of highly sensitive information on Orrick’s clients. The pool of victims quadrupled between its July and December disclosures.

By Matt Kapko • Jan. 5, 2024

Xerox discloses a subsidiary’s breach following ransomware claim of data theft

Inc, a relatively new threat group, previously claimed to have stolen company data.

By David Jones • Jan. 3, 2024

First American Financial confirms threat actors stole and encrypted data

The title insurance giant said the cyberattack is contained, but it is still working to determine whether the incident will have a material impact.

By David Jones • Updated Jan. 4, 2024

Fleeting fake delivery phishing campaign targets last-minute shoppers

Text messages disguised as urgent or failed delivery notifications can create tension between impersonated delivery service companies and legitimate customers.

By Matt Kapko • Dec. 22, 2023

First American Financial takes systems offline after cyber incident

The incident comes just weeks after the title insurance firm reached a $1 million settlement with New York state financial regulators for a massive 2019 data breach that impacted 885 million customer records.

By David Jones • Updated Dec. 27, 2023

Notorious ransomware group tussles with law enforcement, regenerates after takedown

The on-again, off-again appearance of AlphV’s threats on the dark web underscore the difficulties law enforcement agencies confront in their disruption efforts.

By Matt Kapko • Dec. 20, 2023

US leads AlphV ransomware infrastructure takedown

Law enforcement released a decryptor for the prolific threat group and ransomware affiliate service behind some of 2023’s most high-profile attacks.

By Matt Kapko • Dec. 19, 2023

Comcast’s Xfinity discloses massive data breach linked to CitrixBleed vulnerability

The breach, involving 35.9 million customers, took place just a week after Citrix released a patch for a critical flaw.

By David Jones • Dec. 19, 2023

Cyberattack on VF Corp. disrupts order fulfillment

The attack on the company last week, which owns Vans and The North Face, also resulted in data theft. 

By Laurel Deppen • Dec. 18, 2023

Mr. Cooper cyberattack hits every current — and former — customer

The mortgage servicer expects vendor expenses related to its response and recovery to reach $25 million this quarter. Almost 14.7 million people were impacted.

By Matt Kapko • Dec. 18, 2023