Average insider cyberthreat cost spikes 40% in 4 years

Outsmarting insiders is a “go-to tactic” for many cyberattackers looking to steal credentials and gain access to critical data, the Ponemon Institute found.

By Alexei Alexis • Sept. 22, 2023

AI is entering the enterprise application security tool stack

Reports from Gartner and Rackspace show a broad enterprise appetite to weave AI into the tool stack, especially across application security.

By Naomi Eide • Sept. 20, 2023

Explore the Trendline➔

Top 5 stories from Cybersecurity Dive

High-profile cybersecurity incidents and a rush to adopt new technologies illustrate the tumultuousness of 2023 so far.

By Cybersecurity Dive staff

FBI director urges private sector to work with the agency on cyber threats

Christopher Wray told attendees at Mandiant’s mWISE 2023 private sector assistance contributed to the success of several recent operations.

By David Jones • Sept. 19, 2023

Security has an underlying defect: passwords and authentication

Cyberattacks are fueled by the shortcomings of business authentication controls. Bad things happen when access falls apart and credentials land in the wrong hands.

By Matt Kapko • Sept. 18, 2023

Generative AI, contactless tech make hotels vulnerable to cyberattacks

Guest and worker turnover, as well as new technology adoption, make the hospitality industry an appealing target for cybercriminals, according to Trustwave SpiderLabs.

By Noelle Mateer • Sept. 8, 2023

Ransoming Linux and ESXi systems is getting easier

Threat actors are using memory-safe languages to release payloads for Windows, Linux and ESXi simultaneously, SentinelOne researchers warn.

By Matt Kapko • Aug. 24, 2023

Barracuda ESG zero-day exploit still under way after patches fail

The FBI said users need to isolate and replace affected appliances as threat actors continue to target the remote command injection vulnerability.

By David Jones • Aug. 24, 2023

Hackers target Pentagon contract site via compromised routers

Research from Black Lotus Labs says the new activity aligns with recent state-linked campaigns, including Volt Typhoon.

By David Jones • Aug. 23, 2023

How disjoined threat intelligence limits companies — and what to do about it

There’s no shortage of research on attackers, but for many CISOs, turning those insights into action is a difficult endeavor.

By Matt Kapko • Aug. 15, 2023

Valid account credentials are behind most cyber intrusions, CISA finds

The success rate of these techniques underscores the staying power of the most common methods threat actors use to gain initial access to targeted systems.

By Matt Kapko • July 28, 2023

TSA revises security directives for oil and gas pipelines to test resilience

The updated requirements come amid heightened threats and security incidents, including the recent attack against Suncor Energy in Canada.

By David Jones • July 27, 2023

Microsoft attackers may have data access beyond Outlook, researchers warn

Microsoft is pushing back on claims by Wiz that compromised private encryption keys may have exposed SharePoint, Teams and OneDrive data to an APT actor.

By David Jones • July 21, 2023

DDoS attacks, growing more sophisticated, surged in Q2

One of the more serious incidents used a Mirai-variant botnet to unleash an ACK flood DDoS attack that peaked at 1.4 terabits per second, Cloudflare found.

By David Jones • July 19, 2023

Microsoft offers free security logs amid backlash from State Department hack

Federal officials and rivals blasted the company for charging customers for additional security features.

By David Jones • July 19, 2023

White House unveils consumer labeling program to strengthen IoT security

The voluntary program is designed to protect millions of consumers and remote workers amid increased threat activity against smart home and IoT devices.

By David Jones • July 18, 2023

Rockwell Automation, Honeywell warned of critical vulnerabilities in industrial products

Authorities and researchers warn that attackers could exploit the vulnerabilities for remote takeover and potentially destructive activity.

By David Jones • July 14, 2023

Microsoft warns China-linked APT actor hacked US agency, other email accounts

U.S. officials alerted Microsoft about what emerged as a targeted, monthlong hacking campaign.

By David Jones • July 12, 2023

RomCom uses Word documents in new phishing campaign, Microsoft warns

The hackers are known to use trojanized versions of legitimate software from Adobe, SolarWinds, KeePass and others.

By David Jones • July 12, 2023

JumpCloud abruptly initiates mass API key reset

The company did not specify the nature of the incident, but the sudden decision to reset all API keys could indicate something is amiss, one expert said.

By Matt Kapko • July 10, 2023

Threat group testing more sophisticated DDoS hacks, authorities warn

Hacktivists behind the attacks on Microsoft OneDrive and Azure are claiming recent test disruptions at Stripe, Reddit and EFTPS.  

By David Jones • July 10, 2023

Forecasts and recommendations: Elastic 2023 Global Threat Report Spring

This report summarizes threat trends, forecasts and recommendations based on analysis of millions of real-world telemetry events shared by users around the world.

By Devon Kerr • July 10, 2023

Hackers using TrueBot malware for phishing attacks in US, Canada, officials warn

Threat actors have been leveraging a known vulnerability in Netwrix Auditor to exfiltrate data from targeted entities since May.

By David Jones • July 7, 2023

Petro-Canada reports service restoration after suspected Suncor breach

The gas station chain restored card payments, but hasn’t shared specific details about the disruption. The industry has been under threat from state-linked actors. 

By David Jones • June 29, 2023

AI linked to new crop of business email scams

Businesses can no longer count on bad spelling and grammar to red-flag problem emails: Fraudsters are using AI to craft well-written email messages at scale.

By Alexei Alexis • June 29, 2023

Rubrik, Microsoft partner to leverage generative AI for faster incident response

The collaboration will integrate Rubrik Security Cloud with Microsoft Sentinel and Azure OpenAI Service.

By David Jones • June 28, 2023