Threats
-
FBI, CISA warn of heightened risk of BEC attacks during holiday season
Authorities encouraged prompt reporting, which can help recover stolen payments.
By David Jones • Nov. 27, 2024 -
Sponsored by Center for Internet Security
Countering multidimensional threats: lessons learned from the 2024 election
In 2024, election officials and law enforcement shared intelligence closely to counter complex threats.
Nov. 18, 2024 -
Trendline
Risk Management
Now, public companies have to detail their cybersecurity risk management in annual filings, raising awareness on what many cyber experts already knew — security issues are business issues.
By Cybersecurity Dive staff -
Sponsored by Imprivata
The company you keep: your most trusted vendor could be your biggest security risk
Your trusted vendor might be your biggest security risk. Learn how to mitigate third-party threats.
By Joel Burleson-Davis, SVP Worldwide Engineering, Cyber, Imprivata • Nov. 11, 2024 -
AI increases fraud risk, fintechs say
Financial firms monitor for fraud by looking for unusual activity, but an artificial intelligence model can be trained to transact like a real person.
By Patrick Cooley • Nov. 5, 2024 -
Enterprise executives cite AI-assisted attacks as top emerging risk, Gartner finds
The analyst firm’s survey underscores growing concern about potential, yet unrealized, scenarios involving AI’s potential role in attacks.
By Matt Kapko • Nov. 4, 2024 -
Iran-linked attackers hit critical infrastructure with brute force
CISA and the FBI warn healthcare, government, IT and other sectors of password spraying and multifactor authentication push bombing.
By Matt Kapko • Oct. 17, 2024 -
State CISOs up against a growing threat environment with minimal funding, report finds
A report by Deloitte and NASCIO warns that states do not have the resources necessary to fight state-backed and criminal threat groups.
By David Jones • Oct. 2, 2024 -
Phishing remains cloud intrusion tactic of choice for threat groups
The long-lasting effectiveness and success of phishing campaigns underscores the most central challenge in cybersecurity — people are the weakest link.
By Matt Kapko • Oct. 2, 2024 -
CISA again raises alarm on hacktivist threat to water utilities
The alert comes just days after an attack against a water treatment facility in Kansas.
By David Jones • Sept. 26, 2024 -
Data privacy concerns swirl around generative AI adoption
IT and business professionals fear the technology's adoption can lead to data leakage, according to a Deloitte report.
By Roberto Torres • Sept. 25, 2024 -
Dark web exposure is ‘highly correlated’ with cyberattack risk
Organizations that are mentioned in dark web market listings are more than twice as likely to experience an attack, Marsh McLennan found.
By Alexei Alexis • Sept. 24, 2024 -
Cybersecurity firm flags attack on construction accounting system
Users of Foundation Software, which serves 43,000 construction pros, may be at risk of intrusion if they still use default credentials, according to cybersecurity firm Huntress.
By Matthew Thibault • Sept. 20, 2024 -
Port of Seattle official flags a cyber dilemma, ‘one-way street’ with federal agencies
A ransomware atttack disrupted the Seattle-Tacoma International Airport for weeks. Part of the problem, one official said, is that federal cyber recommendations are not timely.
By Matt Kapko • Sept. 19, 2024 -
Open source maintainers, under security pressure, remain largely unpaid after XZ Utils
A report by Tidelift shows an equity gap remains between open source developers and well-resourced software users who are pushing for higher security standards.
By David Jones • Sept. 17, 2024 -
Valid accounts remain top access point for critical infrastructure attacks, officials say
CISA attributed 2 in 5 successful intrusions to valid account abuse last year, but that is down from 2022.
By Matt Kapko • Sept. 17, 2024 -
Sponsored by Code42, now a part of Mimecast
Keeping data secure in the age of generative AI
Generative AI is reshaping industries, but with innovation comes new data security challenges. Are your cybersecurity practices keeping up?
By Rob Juncker, CTO of Code42, now part of Mimecast • Sept. 16, 2024 -
Mastercard’s $2.65B Recorded Future acquisition to buttress its security business
While Mastercard has cybersecurity oversight needs for its cards and payments businesses, it also sells security services to other companies, including banks and fintechs.
By Lynne Marek • Sept. 13, 2024 -
Cyber insurance keeps growing, as threats spur competition
Concerns remain about aggregation risk as highlighted by the July outage of Microsoft Windows devices, according to a report from Moody’s Ratings.
By David Jones • Sept. 9, 2024 -
Deepfake scams escalate, hitting more than half of businesses
The vast majority of corporate finance professionals, 85%, now view such scams as an “existential” threat, a Medius study found.
By Alexei Alexis • Sept. 4, 2024 -
Prolific RansomHub engaged in attack spree, feds warn
The group has been among the most active threat groups of 2024, and is linked to a tool that can neutralize endpoint security.
By David Jones • Sept. 4, 2024 -
Microsoft is training developers on the intricacies of threat intelligence
Cybercrime wonk Sherrod DeGrippo is taking Microsoft’s software developers and engineers on a journey into her world, the depths of threat intelligence.
By Matt Kapko • Sept. 4, 2024 -
Halliburton confirms data stolen in August cyberattack
The company continues to incur expenses related to the attack, but does not expect a material impact.
By David Jones • Sept. 3, 2024 -
Iran-linked actors ramping up cyberattacks on US critical infrastructure
Nation-state attacker are exploiting vulnerabilities in products from Check Point Software, Palo Alto Networks and others to attack multiple industries.
By David Jones • Sept. 3, 2024 -
Volt Typhoon exploiting zero-day in campaign targeting ISPs, MSPs
Researchers from Black Lotus Labs warn the state-linked adversary is exploiting a vulnerability in Versa Director using custom web shells against the telecom sector.
By David Jones • Aug. 28, 2024 -
Marketing data security threats are rising: Where CMOs see gaps
While marketers prioritize working with data security teams, effective communication remains a struggle, according to research from the CMO Council and KPMG.
By Peter Adams • Aug. 23, 2024