Censys researchers warn 8,600 BeyondTrust instances still exposed

As authorities investigate a December attack spree, the researchers added the caveat that not all instances are considered vulnerable.

By David Jones • Jan. 3, 2025

Hackers leaked data from Rhode Island ransomware attack, officials warn

A criminal threat group had previously threatened to leak sensitive data from a Deloitte-managed social services database.

By David Jones • Jan. 2, 2025

Treasury Department says state-linked hacker gained access to unclassified data in major attack

The compromise of agency workstations is linked to a previously disclosed compromise of certain BeyondTrust customers.

By David Jones • Dec. 31, 2024

White House says 9th telecom company hit in Salt Typhoon spree

A senior official blamed the intrusions on lax security and said in one case the compromise of a single administrator account led to access of over 100,000 routers.

By Matt Kapko • Dec. 27, 2024

BeyondTrust customers hit by wave of attacks linked to compromised API key

The cybersecurity vendor said an attacker compromised its access-management tool and reset customer passwords.

By Matt Kapko • Dec. 20, 2024

Flagstar fined $3.5M for ‘misleading’ after 2021 cyberattack

The bank “negligently made” materially misleading statements after a hack that resulted in the theft of 1.5 million customers’ personally identifiable information.

By Gabrielle Saulsbery • Dec. 19, 2024

CISA mobile security advice gets personal in wake of telecom intrusions

The agency’s recommendations are not for the technically inept. Yet the extraordinary measures, including the use of encrypted apps, are applicable to all audiences.

By Matt Kapko • Dec. 19, 2024

Pennsylvania representative pitches bill to double cyber assistance for local water systems

The proposed legislation comes amid a surge in ransomware and state-linked attacks against U.S. water utilities.

By David Jones • Dec. 17, 2024

Cleo releases new patch as threat groups ramp up exploitation of critical CVE

Researchers warned that companies primarily in the trucking, food, retail and shipping industries were under attack.

By David Jones • Dec. 12, 2024

Blue Yonder helps restore operations for majority of impacted customers

Starbucks regained access to its employee scheduling platform, while authorities continue to probe claims by a threat group.

By David Jones • Dec. 12, 2024

Krispy Kreme online ordering disrupted by cyberattack

Following an attack on a portion of its IT systems, the chain said it was working to restore online ordering. In-store operations were not impacted.

By Julie Littman • Dec. 11, 2024

SEC cyber incident reporting rule generates 71 filings in 11 months

Most companies that disclosed cyber incidents to the agency did not describe materiality or other useful information, a BreachRx report found.

By Matt Kapko • Dec. 11, 2024

US subsidiary of global water treatment firm probes November cyberattack after data encrypted

Kurita America, a subsidiary of a Tokyo-based company, is the latest in a string of companies tied to the water industry targeted by hackers.

By David Jones • Dec. 10, 2024

Snowflake to phase out single-factor authentication by late 2025

The security policy change starts one year after a wave of attacks targeted more than 100 Snowflake customer environments without MFA.

By Matt Kapko • Dec. 10, 2024

Blue Yonder investigating data leak claim following ransomware attack

The software supply chain company is widening its investigation after Termite ransomware leaked data it claims is linked to the attack.

By David Jones • Dec. 9, 2024

Trump’s pick to run FCC deeply concerned about Salt Typhoon

The recently uncovered swarm of attacks on U.S. telecom companies, part of a China-sponsored campaign, made FCC Commissioner Brendan Carr want to smash his phone, he said.

By Matt Kapko • Dec. 9, 2024

FCC proposes stronger telecom cyber rules as Salt Typhoon fallout continues

The agency’s proposed rule changes come two months after a China-government sponsored espionage campaign first came to light.

By Matt Kapko • Dec. 6, 2024

Morrisons recovers warehouse systems following attack on Blue Yonder

The U.K. supermarket chain was one of several high-profile customers impacted by a ransomware attack against the supply chain management software provider.

By David Jones • Dec. 6, 2024

T-Mobile undeterred as telecom sector reels from attack campaign

Cybersecurity Dive spoke with CSO Jeff Simon about how the carrier says it thwarted a threat group resembling Salt Typhoon despite its past security failures.

By Matt Kapko • Dec. 5, 2024

At least 8 US companies hit in telecom attack spree, officials say

A deputy national security advisor warned that the China-affiliated Salt Typhoon attack spree potentially infiltrated more telecom companies and the threat group still has network access.

By Matt Kapko • Dec. 4, 2024

Ascension reduces operating loss as it rebounds from cyberattack

A sweeping cyberattack this spring took the provider’s electronic health record offline for weeks and led to significant losses.

By Susanna Vogel • Dec. 4, 2024

Feds raise alarm on China-linked infiltration of telecom networks

Salt Typhoon gained access to many telecom networks and stole large amounts of data, including audio and text of targeted people involved in government or politics.

By Matt Kapko • Dec. 4, 2024

ENGlobal IT systems impacted by ransomware attack

The attack marks at least the third disruptive cyberattack impacting energy sector providers based in Texas since August.

By Matt Kapko • Dec. 3, 2024

Blue Yonder moves closer to full recovery after November ransomware attack

U.K. supermarket chain Morrisons says its operations are mostly restored, while Blue Yonder is working with other customers to recover operations.

By David Jones • Dec. 2, 2024

New York fines Geico, Travelers $11.3M for pandemic-era breaches

The auto insurance companies were penalized for a series of attacks that exposed the personal data of 120,000 people in late 2020 and early 2021.

By Matt Kapko • Nov. 26, 2024