Threats


  • The Google logo adorns the outside of their NYC office Google Building 8510 at 85 10th Ave on June 3, 2019
    Image attribution tooltip
    Drew Angerer via Getty Images

    Threat intelligence isn’t for everyone, Google says

    Most security professionals don’t have the time to read a 10-page threat intelligence report, let alone put those insights into action.

    By March 23, 2023
  • Google Cloud VP and CISO Phil Venables
    Image attribution tooltip
    Permission granted by Google

    Google Cloud joins FS-ISAC’s critical providers program to share threat intel

    The move is part of a wider industry effort to enhance supply chain security in the financial services sector.

    By March 17, 2023
  • An illustration of three cartoon people in suits adding files to the cloud, shown through clouds and a computer. Explore the Trendline
    Image attribution tooltip
    TCmake_photo via Getty Images
    Trendline

    Securing the cloud

    The ubiquity of the cloud has left security gaps for organizations, leaving them to navigate a complex vendor landscape and defend their technology supply chain

    By Cybersecurity Dive staff
  • Login information attached to large hook hanging in front of computer keyboard.
    Image attribution tooltip
    Philip Steury via Getty Images

    Bank failure panic fuels moment of opportunity for threat actors

    As regulators step in to operate Silicon Valley Bank, threat hunters and security executives warned organizations to look out for malicious activity.

    By March 14, 2023
  • Futuristic electronic semiconductor and telecommunication network concept
    Image attribution tooltip
    Danai Jetawattana via Getty Images

    CISA launches ransomware warning pilot for critical infrastructure providers

    The agency already warned dozens of organizations about ProxyNotShell.

    By March 14, 2023
  • Person using AI-generated chatbot
    Image attribution tooltip
    ipuwadol via Getty Images

    Threat actors can use ChatGPT, too. Here’s what businesses should watch

    While IT departments seek enterprise applications, cyber teams must be on the lookout for attacks using the generative AI technology.

    By Lindsey Wilkinson • Feb. 22, 2023
  • Coin stacks sitting on blue financial graph background.
    Image attribution tooltip
    MicroStockHub via Getty Images

    Economic volatility to exacerbate cyber risk in 2023

    A potential recession could lead to delayed innovation and inadequate budgets for long-term investments, the Bipartisan Policy Center said in a report.

    By Feb. 14, 2023
  • Graphic of digital money transfer symbols overlaid on a map of the world
    Image attribution tooltip
    ArtemisDiana via Getty Images

    Companies often operate in dark with little applied threat intelligence

    A report by Google Cloud’s Mandiant shows companies are making cybersecurity decisions without a full understanding of what they’re up against.

    By Feb. 13, 2023
  • Communication network concept. GUI (Graphical User Interface).
    Image attribution tooltip
    metamorworks via Getty Images

    Half of executives expect an increase in cyber incidents targeting financial data: report

    A poll by Deloitte shows organizations are not well prepared to handle a rise in attacks targeting sensitive accounting and financial information.

    By Feb. 8, 2023
  • Person in hat surrounded by cameras at a press conference
    Image attribution tooltip

    Ross D. Franklin/AP

    Sports betting apps fumble open source, placing users at risk

    On the cusp of Super Bowl 57, researchers from Synopsys warned popular mobile betting apps face a higher than average risk of being hacked.

    By Feb. 7, 2023
  • An image of Federal Bureau of Investigation Director Christopher Wray at a press conference.
    Image attribution tooltip
    Kevin Dietsch/Getty Images via Getty Images

    Hive takedown puts ‘small dent’ in ransomware problem

    Successful law enforcement actions against ransomware can only do so much. The threat is omnipresent, lucrative and largely in the shadows.

    By Feb. 6, 2023
  • Close-up Portrait of Software Engineer Working on Computer, Line of Code Reflecting in Glasses.
    Image attribution tooltip
    gorodenkoff via Getty Images

    Threat actors are using remote monitoring software to launch phishing attacks

    A joint warning from CISA, the NSA and MS-ISAC warns APT actors could leverage legitimate tools using help-desk themed lures to gain persistence. 

    By Jan. 26, 2023
  • A depiction of computer hardware.
    Image attribution tooltip
    solarseven via Getty Images

    World Economic Forum officials warn global instability could lead to catastrophic cyber event

    A report released at the WEF said top business leaders and security experts fear heightened geopolitical tensions could result in a major attack in the next two years.

    By Jan. 19, 2023
  • Login information attached to large hook hanging in front of computer keyboard.
    Image attribution tooltip
    Philip Steury via Getty Images

    Threat actors lure phishing victims with phony salary bumps, bonuses

    Multiple campaigns underscore threat actors’ ability to shift tactics and target employees by exploiting current events and themes.

    By Jan. 19, 2023
  • Interior shot of a busy mall.
    Image attribution tooltip
    danielvfung via Getty Images

    NRF forms cyberthreat intelligence partnership with RH-ISAC

    The world’s largest retail association plans to collaborate on intelligence and advocacy in a heightened environment for ransomware and vulnerabilities.

    By Jan. 11, 2023
  • Illustrated man with fishing hook stealing key
    Image attribution tooltip
    stefanovsky via Getty Images

    6 security experts on what cyberthreats they expect in 2023

    Organizations will keep a close eye on geopolitical tension and supply chain attacks. But at the core, the biggest threats are built on mistakes.

    By , , Jan. 6, 2023
  • Workers at a security operations center at Rackspace.
    Image attribution tooltip
    Courtesy of Rackspace Technology

    Rackspace recovers old emails as customers await answers from ransomware probe

    The cloud-services company previously said an investigation into the ransomware incident was almost complete, but has not yet released key details. 

    By Dec. 22, 2022
  • A digital lock on a computer memory board with red and blue lights intersecting
    Image attribution tooltip
    Just_Super via Getty Images

    Remote, third-party workers raise security risks for enterprises: report

    A study on behalf of Talon shows third-party contractors are often engaged in risky behavior, using unmanaged devices or high-risk desktop technologies. 

    By Dec. 21, 2022
  • A Christmas tree with red and gold ornaments and decorative lights in the background is pictured.
    Image attribution tooltip
    Liliboas via Getty Images

    Incident responders brace for end-of-year cyber scaries

    Fears of the next SolarWinds or Log4j-style incident hitting over the holidays have some cybersecurity experts on edge.

    By Dec. 19, 2022
  • Ransomware virus has encrypted data. Attacker is offering key to unlock encrypted data for money.
    Image attribution tooltip
    vchal via Getty Images

    Rackspace blames ransomware attack on financially motivated threat actor

    The cloud services firm says an investigation into the Dec. 2 ransomware attack is close to wrapping up.

    By Dec. 15, 2022
  • Image depicts the implementation of cybersecurity with a lock displayed over a screen.
    Image attribution tooltip
    anyaberkut via Getty Images

    Threat actors abuse legitimate Microsoft drivers to bypass security

    Researchers from Mandiant and SentinelOne say attackers have deployed malware that can allow them to get around security controls. 

    By Dec. 13, 2022
  • A depiction of computer hardware.
    Image attribution tooltip
    solarseven via Getty Images

    Infostealer malware surges on dark web amid rise in MFA fatigue attacks

    Lapsus$, one of the most prolific ransomware actors of 2022, has utilized such tactics to breach a number of high-profile organizations.

    By Dec. 5, 2022
  • A man in a suit stands behind a chair while holding its back.
    Image attribution tooltip
    Chip Somodevilla via Getty Images

    Cyber Safety Review Board to probe Lapsus$ ransomware spree

    Following an inaugural review of Log4j, the board will investigate the threat actor’s prolific campaign of cyber extortion against major companies, including Uber, T-Mobile and Nvidia.

    By Dec. 2, 2022
  • A sign is posted in front of a Walmart store on November 16, 2021 in American Canyon, California.
    Image attribution tooltip
    Justin Sullivan via Getty Images

    Walmart security, operating at a vast scale, turns to automation

    Security operations centers, part of Walmart Global Tech, process 6 trillion data points each year, a feat unattainable through manual methods. 

    By Nov. 30, 2022
  • A man and young woman sit and look at a tablet next to a Christmas tree.
    Image attribution tooltip
    bernardbodo via Getty Images

    ‘Tis the season for shopping and scams, CISA warns

    Adversaries exploit individuals hunting for the best deals online during the holiday shopping season. If a deal looks too good to be true, trust your instincts — it's not.

    By Nov. 23, 2022
  • A row of blue lockers in an empty school hallway.
    Image attribution tooltip
    Stock Photo via Getty Images

    K-12 schools lack resources, funding to combat ransomware threat

    One-fifth of schools spend less than 1% of their IT budgets on security, a MS-ISAC report shows.

    By Nov. 14, 2022