Threats


  • New York Gov. Kathy Hochul at a podium.
    Image attribution tooltip
    (2024). "Pausing Congestion Pricing to Address Affordability and the Cost of Living in New York" [Video]. Retrieved from Governor Kathy Hochul/Youtube.
    Image attribution tooltip

    State CISOs up against a growing threat environment with minimal funding, report finds

    A report by Deloitte and NASCIO warns that states do not have the resources necessary to fight state-backed and criminal threat groups.

    By Oct. 2, 2024
  • Illustrated man with fishing hook stealing key
    Image attribution tooltip
    stefanovsky via Getty Images
    Image attribution tooltip

    Phishing remains cloud intrusion tactic of choice for threat groups

    The long-lasting effectiveness and success of phishing campaigns underscores the most central challenge in cybersecurity — people are the weakest link.

    By Oct. 2, 2024
  • Empty interior of modern security system control room with workstations with multiple displays and big screens mounted on the wall. Explore the Trendlineāž”
    Image attribution tooltip
    .shock via Getty Images
    Image attribution tooltip
    Trendline

    Risk Management

    Now, public companies have to detail their cybersecurity risk management in annual filings, raising awareness on what many cyber experts already knew — security issues are business issues. 

    By Cybersecurity Dive staff
  • Anne Neuberger, deputy national security advisor for cyber and emerging technology, speaks at the White House.
    Image attribution tooltip
    Drew Angerer via Getty Images
    Image attribution tooltip

    CISA again raises alarm on hacktivist threat to water utilities

    The alert comes just days after an attack against a water treatment facility in Kansas.

    By Sept. 26, 2024
  • an employee looks into a screen showing a chatbot interface
    Image attribution tooltip
    Laurence dutton via Getty Images
    Image attribution tooltip

    Data privacy concerns swirl around generative AI adoption

    IT and business professionals fear the technology's adoption can lead to data leakage, according to a Deloitte report.

    By Roberto Torres • Sept. 25, 2024
  • Code on a black and white background that appears warped.
    Image attribution tooltip
    HenrikNorway via Getty Images
    Image attribution tooltip

    Dark web exposure is ā€˜highly correlatedā€™ with cyberattack risk

    Organizations that are mentioned in dark web market listings are more than twice as likely to experience an attack, Marsh McLennan found.

    By Alexei Alexis • Sept. 24, 2024
  • A person in a grey sweater hovers over a laptop with their hands.
    Image attribution tooltip
    mapo via Getty Images
    Image attribution tooltip

    Cybersecurity firm flags attack on construction accounting system

    Users of Foundation Software, which serves 43,000 construction pros, may be at risk of intrusion if they still use default credentials, according to cybersecurity firm Huntress.

    By Matthew Thibault • Sept. 20, 2024
  • View of the Seattle skyline
    Image attribution tooltip
    Abbie Parr/Getty Images via Getty Images
    Image attribution tooltip

    Port of Seattle official flags a cyber dilemma, ā€˜one-way streetā€™ with federal agencies

    A ransomware atttack disrupted the Seattle-Tacoma International Airport for weeks. Part of the problem, one official said, is that federal cyber recommendations are not timely.

    By Sept. 19, 2024
  • Close-up Focus on Person's Hands Typing on the Desktop Computer Keyboard
    Image attribution tooltip
    gorodenkoff via Getty Images
    Image attribution tooltip

    Open source maintainers, under security pressure, remain largely unpaid after XZ Utils

    A report by Tidelift shows an equity gap remains between open source developers and well-resourced software users who are pushing for higher security standards.

    By Sept. 17, 2024
  • Hand grabbing password out of blurred code.
    Image attribution tooltip
    LuisPortugal/Getty Images Plus via Getty Images
    Image attribution tooltip

    Valid accounts remain top access point for critical infrastructure attacks, officials say

    CISA attributed 2 in 5 successful intrusions to valid account abuse last year, but that is down from 2022.

    By Sept. 17, 2024
  • Two Female Colleagues Fondly Talk to Each Other, Laugh and Smile while Working on Computers in Diverse Modern Business Office
    Image attribution tooltip

    stock.adobe.com/Gorodenkoff

    Image attribution tooltip
    Sponsored by Code42, now a part of Mimecast

    Keeping data secure in the age of generative AI

    Generative AI is reshaping industries, but with innovation comes new data security challenges. Are your cybersecurity practices keeping up?

    By Rob Juncker, CTO of Code42, now part of Mimecast • Sept. 16, 2024
  • Mastercard point of sale, retail
    Image attribution tooltip
    Courtesy of Mastercard
    Image attribution tooltip

    Mastercardā€™s $2.65B Recorded Future acquisition to buttress its security business

    While Mastercard has cybersecurity oversight needs for its cards and payments businesses, it also sells security services to other companies, including banks and fintechs. 

    By Lynne Marek • Sept. 13, 2024
  • AI-washing, Oddity
    Image attribution tooltip
    Poca Wander Stock via Getty Images
    Image attribution tooltip

    Cyber insurance keeps growing, as threats spur competition

    Concerns remain about aggregation risk as highlighted by the July outage of Microsoft Windows devices, according to a report from Moody’s Ratings.

    By Sept. 9, 2024
  • illegal impersonation
    Image attribution tooltip
    Tero Vesalainen via Getty Images
    Image attribution tooltip

    Deepfake scams escalate, hitting more than half of businesses

    The vast majority of corporate finance professionals, 85%, now view such scams as an “existential” threat, a Medius study found.

    By Alexei Alexis • Sept. 4, 2024
  • exclamation point depicted hovering above network infrastructure
    Image attribution tooltip
    Just_Super/Getty Images via Getty Images
    Image attribution tooltip

    Prolific RansomHub engaged in attack spree, feds warn

    The group has been among the most active threat groups of 2024, and is linked to a tool that can neutralize endpoint security.

    By Sept. 4, 2024
  • Microsoft headquarters in Redmond, Washington.
    Image attribution tooltip
    David Ryder/Getty Images via Getty Images
    Image attribution tooltip

    Microsoft is training developers on the intricacies of threat intelligence

    Cybercrime wonk Sherrod DeGrippo is taking Microsoft’s software developers and engineers on a journey into her world, the depths of threat intelligence.

    By Sept. 4, 2024
  • Pumpjack (oil derrick) and refinery plant in West Texas.
    Image attribution tooltip
    dszc via Getty Images
    Image attribution tooltip

    Halliburton confirms data stolen in August cyberattack

    The company continues to incur expenses related to the attack, but does not expect a material impact. 

    By Sept. 3, 2024
  • Cloud Computing, Data Center, Server Rack, Connection In Neural Network, Technology - stock photo
    Image attribution tooltip
    Just_Super via Getty Images
    Image attribution tooltip

    Iran-linked actors ramping up cyberattacks on US critical infrastructure

    Nation-state attacker are exploiting vulnerabilities in products from Check Point Software, Palo Alto Networks and others to attack multiple industries.

    By Sept. 3, 2024
  • Telecom network above a city
    Image attribution tooltip
    NicoElNino via Getty Images
    Image attribution tooltip

    Volt Typhoon exploiting zero-day in campaign targeting ISPs, MSPs

    Researchers from Black Lotus Labs warn the state-linked adversary is exploiting a vulnerability in Versa Director using custom web shells against the telecom sector.

    By Aug. 28, 2024
  • A pair of binoculars covered with code, indicating a cybersecurity breach
    Image attribution tooltip
    Marco_Piunti via Getty Images
    Image attribution tooltip

    Marketing data security threats are rising: Where CMOs see gaps

    While marketers prioritize working with data security teams, effective communication remains a struggle, according to research from the CMO Council and KPMG. 

    By Peter Adams • Aug. 23, 2024
  • Broadband connections
    Image attribution tooltip
    NicoElNino via Getty Images
    Image attribution tooltip

    DDoS attacks surge since late 2023, telecom still in hot seat

    The report comes just weeks after a DDoS attack disrupted Microsoft Azure for about eight hours.

    By Aug. 15, 2024
  • Matrix background of blurred programming code.
    Image attribution tooltip
    Getty Plus via Getty Images
    Image attribution tooltip

    M&A activity can amplify ransomware insurance losses, research finds

    The financial severity of claims related to ransomware attacks increased more than 400% from 2022 to 2023, the study found.

    By Alexei Alexis • Aug. 14, 2024
  • Black Hat logo on display above Michelob Ultra Arena in Las Vegas.
    Image attribution tooltip
    Matt Kapko/Cybersecurity Dive
    Image attribution tooltip

    CrowdStrike snafu was a ā€˜dress rehearsalā€™ for critical infrastructure disruptions, CISA director says

    Despite the disruption, Jen Easterly said the outage was a "useful exercise" to determine the resiliency of critical infrastructure organizations.

    By Aug. 8, 2024
  • A close up of Michael Regan
    Image attribution tooltip
    Win McNamee via Getty Images
    Image attribution tooltip

    Federal watchdog urges EPA to develop comprehensive cyber strategy to protect water systems

    The report comes amid a rise in malicious cyberthreats from state-linked and criminal hackers targeting U.S. drinking water and water treatment facilities.

    By Aug. 6, 2024
  • Aerial view of sewage treatment plant
    Image attribution tooltip
    xijian via Getty Images
    Image attribution tooltip
    Sponsored by Rockwell Automation

    Water systems under siege: How CISOs can protect critical infrastructure from cyberthreats

    As regulatory oversight evolves, most CISOs are focused on modernizing and improving OT cybersecurity.

    July 29, 2024
  • The flag of Ukraine pinned on the map. Horizontal orientation. Macro photography.
    Image attribution tooltip
    Getty Images via Getty Images
    Image attribution tooltip

    Dragos warns of novel malware targeting industrial control systems

    FrostyGoop, the ninth ICS-specific malware observed by Dragos, was linked to a January attack on an energy provider in Ukraine.

    By July 23, 2024