Threats


  • Team of hackers dressed in black work on computers in dark room.
    Image attribution tooltip
    gorodenkoff via Getty Images
    Image attribution tooltip

    Check Point Software customers targeted by hackers using old, local VPN accounts

    The incidents mark the latest attempts to compromise organizations by exploiting vulnerable edge devices used for remote access.

    By May 28, 2024
  • A long curved desk with banks of computer monitors mounted on the wall.
    Image attribution tooltip
    tonymelony via Getty Images
    Image attribution tooltip

    Cyber officials, incident response teams brace for Memorial Day weekend

    The holiday weekend has emerged as a prime opportunity for ransomware attacks as security operations teams scale down for the summer. 

    By May 24, 2024
  • A close up of a cursor arrow hovering over an X on a screen, pixelated with red, blue and green colors. Explore the Trendline
    Image attribution tooltip
    ar-chi via Getty Images
    Image attribution tooltip
    Trendline

    Risk Management

    Now, public companies have to detail their cybersecurity risk management in annual filings, raising awareness on what many cyber experts already knew — security issues are business issues. 

    By Cybersecurity Dive staff
  • In an aerial view, cars drive by the San Francisco skyline as they cross the San Francisco-Oakland Bay Bridge on October 27, 2022 in San Francisco, California.
    Image attribution tooltip
    Justin Sullivan via Getty Images
    Image attribution tooltip

    Popular LLMs are insecure, UK AI Safety Institute warns

    AI models released by “major labs” are highly vulnerable to even basic attempts to circumvent safeguards, the researchers found.

    By Lindsey Wilkinson • May 23, 2024
  • Water rushing out of a pipeline and onto a wheat field.
    Image attribution tooltip
    lnzyx for iStock via Getty Images
    Image attribution tooltip

    EPA to ramp up enforcement as most water utilities lack cyber safeguards

    The agency may consider taking civil and criminal penalties against utilities following months of attacks against drinking and wastewater treatment facilities.

    By May 21, 2024
  • Close-up Focus on Person's Hands Typing on the Desktop Computer Keyboard
    Image attribution tooltip
    gorodenkoff via Getty Images
    Image attribution tooltip

    Open source threat intel platform launched weeks after malicious backdoor targeted XZ Utils

    OSSF developed warning system to protect open source maintainers, developers from social engineering, active exploits.

    By May 20, 2024
  • Team of hackers dressed in black work on computers in dark room.
    Image attribution tooltip
    gorodenkoff via Getty Images
    Image attribution tooltip

    Microsoft warns of hacker misusing Quick Assist in Black Basta ransomware attacks

    Threat researchers say a financially-motivated attacker has deployed the tool in social-engineering attacks since April.

    By May 17, 2024
  • For technologists speak at a panel on stage
    Image attribution tooltip
    Matt Ashare/Cybersecurity Dive
    Image attribution tooltip

    AI raises CIO cyber anxieties

    Using third-party generative AI products without the proper controls exposes existing security gaps, McKinsey and Co. Partner Jan Shelly Brown said Tuesday at the MIT Sloan CIO Symposium.

    By Matt Ashare • May 17, 2024
  • U.S. National Cyber Director Harry Coker Jr. speaks during keynote at CyberUK 2024.
    Image attribution tooltip
    Permission granted by Matthew Horwood
    Image attribution tooltip

    National Cyber Director echoes past warnings: Nation-state cyber threats are mounting

    State-linked actors with ties to China and Russia are growing more sophisticated in their efforts to disrupt critical infrastructure, Harry Coker Jr. said during a CyberUK conference keynote.

    By May 15, 2024
  • Fingers hover over a computer keyboard with numbers on a screen, against a shadowy backdrop.
    Image attribution tooltip
    jariyawat thinsandee via Getty Images
    Image attribution tooltip

    Only one-third of firms deploy safeguards against generative AI threats, report finds

    Generative AI gives attackers an edge over cyber defenders, according to a Splunk survey of security experts.

    By Jim Tyson • May 13, 2024
  • A digital outline of a brain with lights emerging from the stem, creating a half circle that looks like the globe.
    Image attribution tooltip
    dem10 via Getty Images
    Image attribution tooltip

    Generative AI is a looming cybersecurity threat

    Researchers have not identified any AI-engineered cyberattack campaigns, yet, but they say it’s only a matter of time before an AI system is dominant enough in the market to draw attention. 

    By Jen A. Miller , May 8, 2024
  • National Cyber Director Harry Coker speaks in Washington.
    Image attribution tooltip
    Permission granted by Information Technology Industry Council
    Image attribution tooltip

    The US really wants to improve critical infrastructure cyber resilience

    A report from the Office of the National Cyber Director highlights persistent threats targeting healthcare and water, echoing warnings from cyber officials earlier this year. 

    By May 8, 2024
  • Sewage water flowing into river body and polluting the water and environment.
    Image attribution tooltip
    Cinefootage Visuals via Getty Images
    Image attribution tooltip

    Hacktivists exploiting poor cyber hygiene at critical infrastructure providers

    CISA, the FBI and international partner agencies want water, energy, agriculture and other sectors to immediately reset passwords and apply multifactor authentication.

    By May 1, 2024
  • Rendered image depicting global networks.
    Image attribution tooltip
    DKosig via Getty Images
    Image attribution tooltip

    Cactus ransomware targets a handful of Qlik Sense CVEs

    Security researchers warn the threat group is ramping up exploitation of previously disclosed flaws in the cloud platform.

    By April 29, 2024
  • Robot and human hands close to each other.
    Image attribution tooltip
    Permission granted by Fortinet
    Image attribution tooltip
    Sponsored by Fortinet

    The top 3 ways AI power supports a dynamic business

    It’s time to welcome a new era of dynamic digital defense. Artificial intelligence (AI) is revolutionizing network security with autonomous learning, holistic collaboration and rapid response capabilities.

    April 29, 2024
  • Printer
    Image attribution tooltip
    Simonkr via Getty Images
    Image attribution tooltip

    Vintage Microsoft flaw resurfaces, threat actors attack with golden GooseEgg

    State-linked actors are using a custom tool for post exploitation activity of a vulnerability in Windows Print Spooler, which could result in credential theft and backdoor installs.

    By April 24, 2024
  • Illustrated man with fishing hook stealing key
    Image attribution tooltip
    stefanovsky via Getty Images
    Image attribution tooltip

    Enterprises are getting better at detecting security incidents

    Google Cloud’s Mandiant saw significant improvements in how organizations track down threats, yet hackers are still abusing common threat vectors.

    By April 23, 2024
  • Programming scripts on laptop monitor, unauthorized remote hacking of server
    Image attribution tooltip
    Motortion via Getty Images
    Image attribution tooltip

    NSA sounds alarm on AI’s cybersecurity risks

    Attack vectors unique to AI may attract malicious actors on the hunt for sensitive data or intellectual property, the NSA warned.

    By Alexei Alexis • April 19, 2024
  • Computer hacker stealing data from a laptop.
    Image attribution tooltip
    BrianAJackson via Getty Images
    Image attribution tooltip

    Fears rise of social engineering campaign as open source community spots another threat

    Federal officials are said to be investigating potential links between the recent XZ Utils campaign and new threat activity against JavaScript project maintainers.

    By April 16, 2024
  • Close-up Focus on Person's Hands Typing on the Desktop Computer Keyboard
    Image attribution tooltip
    gorodenkoff via Getty Images
    Image attribution tooltip

    CISA to big tech: After XZ Utils, open source needs your support

    The attempted malicious backdoor may have been part of a wider campaign using social engineering techniques, the open source community warned.

    By April 15, 2024
  • The Eastern facade of the United States Capitol Building, with the House of the Representative's stair.
    Image attribution tooltip
    3000ad via Getty Images
    Image attribution tooltip

    Federal agencies caught sharing credentials with Microsoft over email

    U.S. government agencies are in jeopardy of Russia-linked cyberattacks, and although CISA isn’t aware of any compromised environments, officials warn the risk is exigent.

    By April 12, 2024
  • FBI Director Christopher Ray speaking at the annual Boston Conference on Cyber Security
    Image attribution tooltip

    Lee Pellegrini, Boston College

    Image attribution tooltip

    FBI director echoes past warnings, as critical infrastructure hacking threat festers

    Chris Wray says adversaries from China, Russia and Iran are ramping up cyber, espionage and other threat activity against key sectors, including water, energy and telecommunications.

    By April 11, 2024
  • CISA, cybersecurity, agency
    Image attribution tooltip
    Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
    Image attribution tooltip

    CISA assessing threat to federal agencies from Microsoft adversary Midnight Blizzard

    Microsoft previously warned that the Russia-linked threat group was expanding malicious activity following the hack of senior company executives, which it disclosed in January.

    By April 5, 2024
  • A closeup shot of long colorful lines of code on a computer screen.
    Image attribution tooltip
    Wirestock via Getty Images
    Image attribution tooltip

    Motivations behind XZ Utils backdoor may extend beyond rogue maintainer

    Security researchers are raising questions about whether the actor behind an attempted supply chain attack was engaged in a random, solo endeavor.

    By April 2, 2024
  • Anne Neuberger deputy national security advisor for cyber and emerging technologies, speaks at the Billington Cybersecurity Summit with Brad Medairy, EVP, Booz Allen.
    Image attribution tooltip
    Courtesy of Billington CyberSecurity Summit
    Image attribution tooltip

    Water woes: A federal push for cyber mitigation is highlighting the sector’s fault lines

    The water utility industry says they recognize the heightened threat environment, but the current federal push fails to account for their resource constraints.

    By March 28, 2024
  • The welcome screen for the OpenAI "ChatGPT" app is displayed on a laptop screen
    Image attribution tooltip
    Leon Neal via Getty Images
    Image attribution tooltip

    Security concerns creep into generative AI adoption

    As the AI ecosystem grows and more tools connect to internal data, threat actors have a wider field to introduce vulnerabilities.

    By Lindsey Wilkinson • March 27, 2024