Threats
-
Cyber insurance keeps growing, as threats spur competition
Concerns remain about aggregation risk as highlighted by the July outage of Microsoft Windows devices, according to a report from Moody’s Ratings.
By David Jones • Sept. 9, 2024 -
Deepfake scams escalate, hitting more than half of businesses
The vast majority of corporate finance professionals, 85%, now view such scams as an “existential” threat, a Medius study found.
By Alexei Alexis • Sept. 4, 2024 -
Trendline
Securing the cloud
A host of new technologies and a spate of incidents at top providers means businesses have even more cloud security conundrums to consider.
By Cybersecurity Dive staff -
Prolific RansomHub engaged in attack spree, feds warn
The group has been among the most active threat groups of 2024, and is linked to a tool that can neutralize endpoint security.
By David Jones • Sept. 4, 2024 -
Microsoft is training developers on the intricacies of threat intelligence
Cybercrime wonk Sherrod DeGrippo is taking Microsoft’s software developers and engineers on a journey into her world, the depths of threat intelligence.
By Matt Kapko • Sept. 4, 2024 -
Halliburton confirms data stolen in August cyberattack
The company continues to incur expenses related to the attack, but does not expect a material impact.
By David Jones • Sept. 3, 2024 -
Iran-linked actors ramping up cyberattacks on US critical infrastructure
Nation-state attacker are exploiting vulnerabilities in products from Check Point Software, Palo Alto Networks and others to attack multiple industries.
By David Jones • Sept. 3, 2024 -
Volt Typhoon exploiting zero-day in campaign targeting ISPs, MSPs
Researchers from Black Lotus Labs warn the state-linked adversary is exploiting a vulnerability in Versa Director using custom web shells against the telecom sector.
By David Jones • Aug. 28, 2024 -
Marketing data security threats are rising: Where CMOs see gaps
While marketers prioritize working with data security teams, effective communication remains a struggle, according to research from the CMO Council and KPMG.
By Peter Adams • Aug. 23, 2024 -
DDoS attacks surge since late 2023, telecom still in hot seat
The report comes just weeks after a DDoS attack disrupted Microsoft Azure for about eight hours.
By David Jones • Aug. 15, 2024 -
M&A activity can amplify ransomware insurance losses, research finds
The financial severity of claims related to ransomware attacks increased more than 400% from 2022 to 2023, the study found.
By Alexei Alexis • Aug. 14, 2024 -
CrowdStrike snafu was a ‘dress rehearsal’ for critical infrastructure disruptions, CISA director says
Despite the disruption, Jen Easterly said the outage was a "useful exercise" to determine the resiliency of critical infrastructure organizations.
By Matt Kapko • Aug. 8, 2024 -
Federal watchdog urges EPA to develop comprehensive cyber strategy to protect water systems
The report comes amid a rise in malicious cyberthreats from state-linked and criminal hackers targeting U.S. drinking water and water treatment facilities.
By David Jones • Aug. 6, 2024 -
Sponsored by Rockwell Automation
Water systems under siege: How CISOs can protect critical infrastructure from cyberthreats
As regulatory oversight evolves, most CISOs are focused on modernizing and improving OT cybersecurity.
July 29, 2024 -
Dragos warns of novel malware targeting industrial control systems
FrostyGoop, the ninth ICS-specific malware observed by Dragos, was linked to a January attack on an energy provider in Ukraine.
By David Jones • July 23, 2024 -
CrowdStrike, Microsoft scramble to contain fallout from global IT outage
Cybersecurity and IT experts said users are having major difficulties in recovery efforts, despite workarounds and guidance the vendors released.
By David Jones • July 22, 2024 -
76% of SaaS companies use ‘dark patterns,’ analysis finds
With federal regulators and states clamping down on the practice, companies might take a hard look at how they’re presenting information on their websites and in their apps.
By Robert Freedman • July 11, 2024 -
Risk escalates as communication channels proliferate
The chance of losing data to a breach rises in tandem with the number of channels — like email and file sharing — that an organization uses.
By Robert Freedman • July 10, 2024 -
Microsoft warns of elevated risk in Rockwell Automation PanelView Plus CVEs
Microsoft researchers warn the vulnerabilities can be exploited, potentially resulting in remote code execution and denial of service.
By David Jones • July 3, 2024 -
Cisco Nexus devices zero day raises alarms despite CVSS score
Though the NX-OS CVE only has a 6.0 score, a suspected espionage actor is deploying custom malware to exploit a command injection vulnerability in a range of switching devices.
By David Jones • July 2, 2024 -
Cybersecurity is now a top concern for auto industry, report finds
Automotive leaders fear exposure to threats will worsen as the sector invests more in technology to drive efficiencies, Rockwell Automation found.
By Kalena Thomhave • July 2, 2024 -
Microsoft alerts additional customers of state-linked threat group attacks
The company told customers the Midnight Blizzard attacks disclosed in January were more widespread than previously known.
By David Jones • June 28, 2024 -
Is the cybersecurity industry ready for AI?
As cybersecurity teams focus on how to thwart threat actors, they are missing the risks around the data they are sharing willingly.
By Sue Poremba • June 24, 2024 -
IT pros worry over the data that fuels AI
More than 2 in 5 technologists have already had a negative AI experience, according to a SolarWinds survey.
By Matt Ashare • June 20, 2024 -
MFA plays a rising role in major attacks, research finds
Poor configurations and deliberate MFA bypasses were at the center of numerous attacks in recent months, Cisco Talos found.
By David Jones • June 18, 2024 -
Cyberattacks pose mounting risks to creditworthiness: Moody’s
“As more data becomes available — thanks to recently adopted disclosure requirements — attacks continue to proliferate,” a Moody’s executive said.
By Jim Tyson • June 6, 2024