Threats
-
Threat intelligence isn’t for everyone, Google says
Most security professionals don’t have the time to read a 10-page threat intelligence report, let alone put those insights into action.
By Matt Kapko • March 23, 2023 -
Google Cloud joins FS-ISAC’s critical providers program to share threat intel
The move is part of a wider industry effort to enhance supply chain security in the financial services sector.
By David Jones • March 17, 2023 -
Explore the Trendline➔
TCmake_photo via Getty ImagesTrendlineSecuring the cloud
The ubiquity of the cloud has left security gaps for organizations, leaving them to navigate a complex vendor landscape and defend their technology supply chain
By Cybersecurity Dive staff -
Bank failure panic fuels moment of opportunity for threat actors
As regulators step in to operate Silicon Valley Bank, threat hunters and security executives warned organizations to look out for malicious activity.
By Matt Kapko • March 14, 2023 -
CISA launches ransomware warning pilot for critical infrastructure providers
The agency already warned dozens of organizations about ProxyNotShell.
By David Jones • March 14, 2023 -
Threat actors can use ChatGPT, too. Here’s what businesses should watch
While IT departments seek enterprise applications, cyber teams must be on the lookout for attacks using the generative AI technology.
By Lindsey Wilkinson • Feb. 22, 2023 -
Economic volatility to exacerbate cyber risk in 2023
A potential recession could lead to delayed innovation and inadequate budgets for long-term investments, the Bipartisan Policy Center said in a report.
By Matt Kapko • Feb. 14, 2023 -
Companies often operate in dark with little applied threat intelligence
A report by Google Cloud’s Mandiant shows companies are making cybersecurity decisions without a full understanding of what they’re up against.
By David Jones • Feb. 13, 2023 -
Half of executives expect an increase in cyber incidents targeting financial data: report
A poll by Deloitte shows organizations are not well prepared to handle a rise in attacks targeting sensitive accounting and financial information.
By David Jones • Feb. 8, 2023 -
Sports betting apps fumble open source, placing users at risk
On the cusp of Super Bowl 57, researchers from Synopsys warned popular mobile betting apps face a higher than average risk of being hacked.
By David Jones • Feb. 7, 2023 -
Hive takedown puts ‘small dent’ in ransomware problem
Successful law enforcement actions against ransomware can only do so much. The threat is omnipresent, lucrative and largely in the shadows.
By Matt Kapko • Feb. 6, 2023 -
Threat actors are using remote monitoring software to launch phishing attacks
A joint warning from CISA, the NSA and MS-ISAC warns APT actors could leverage legitimate tools using help-desk themed lures to gain persistence.
By David Jones • Jan. 26, 2023 -
World Economic Forum officials warn global instability could lead to catastrophic cyber event
A report released at the WEF said top business leaders and security experts fear heightened geopolitical tensions could result in a major attack in the next two years.
By David Jones • Jan. 19, 2023 -
Threat actors lure phishing victims with phony salary bumps, bonuses
Multiple campaigns underscore threat actors’ ability to shift tactics and target employees by exploiting current events and themes.
By Matt Kapko • Jan. 19, 2023 -
NRF forms cyberthreat intelligence partnership with RH-ISAC
The world’s largest retail association plans to collaborate on intelligence and advocacy in a heightened environment for ransomware and vulnerabilities.
By David Jones • Jan. 11, 2023 -
6 security experts on what cyberthreats they expect in 2023
Organizations will keep a close eye on geopolitical tension and supply chain attacks. But at the core, the biggest threats are built on mistakes.
By Naomi Eide , Matt Kapko , David Jones • Jan. 6, 2023 -
Rackspace recovers old emails as customers await answers from ransomware probe
The cloud-services company previously said an investigation into the ransomware incident was almost complete, but has not yet released key details.
By David Jones • Dec. 22, 2022 -
Remote, third-party workers raise security risks for enterprises: report
A study on behalf of Talon shows third-party contractors are often engaged in risky behavior, using unmanaged devices or high-risk desktop technologies.
By David Jones • Dec. 21, 2022 -
Incident responders brace for end-of-year cyber scaries
Fears of the next SolarWinds or Log4j-style incident hitting over the holidays have some cybersecurity experts on edge.
By Matt Kapko • Dec. 19, 2022 -
Rackspace blames ransomware attack on financially motivated threat actor
The cloud services firm says an investigation into the Dec. 2 ransomware attack is close to wrapping up.
By David Jones • Dec. 15, 2022 -
Threat actors abuse legitimate Microsoft drivers to bypass security
Researchers from Mandiant and SentinelOne say attackers have deployed malware that can allow them to get around security controls.
By David Jones • Dec. 13, 2022 -
Infostealer malware surges on dark web amid rise in MFA fatigue attacks
Lapsus$, one of the most prolific ransomware actors of 2022, has utilized such tactics to breach a number of high-profile organizations.
By David Jones • Dec. 5, 2022 -
Cyber Safety Review Board to probe Lapsus$ ransomware spree
Following an inaugural review of Log4j, the board will investigate the threat actor’s prolific campaign of cyber extortion against major companies, including Uber, T-Mobile and Nvidia.
By David Jones • Dec. 2, 2022 -
Walmart security, operating at a vast scale, turns to automation
Security operations centers, part of Walmart Global Tech, process 6 trillion data points each year, a feat unattainable through manual methods.
By Naomi Eide • Nov. 30, 2022 -
‘Tis the season for shopping and scams, CISA warns
Adversaries exploit individuals hunting for the best deals online during the holiday shopping season. If a deal looks too good to be true, trust your instincts — it's not.
By Matt Kapko • Nov. 23, 2022 -
K-12 schools lack resources, funding to combat ransomware threat
One-fifth of schools spend less than 1% of their IT budgets on security, a MS-ISAC report shows.
By David Jones • Nov. 14, 2022