‘Tis the season for shopping and scams, CISA warns

Adversaries exploit individuals hunting for the best deals online during the holiday shopping season. If a deal looks too good to be true, trust your instincts — it's not.

By Matt Kapko • Nov. 23, 2022

K-12 schools lack resources, funding to combat ransomware threat

One-fifth of schools spend less than 1% of their IT budgets on security, a MS-ISAC report shows.

By David Jones • Nov. 14, 2022

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

Citrix CVEs need urgent security updates, CISA says

Though there's no active exploitation yet, Tenable researchers warn they expect threat actors to target the Citrix systems in the near term.

By David Jones • Nov. 10, 2022

Face it, password policies and managers are not protecting users

Passwords haven’t worked as a solid security strategy in a long time. The policies are there, so why are passwords security’s weak spot?

By Sue Poremba • Nov. 7, 2022

No, your CEO is not texting you

Everyone wants to stay on good terms with their employer. Threat actors know this too, and they exploit this weakness accordingly. Don’t fall for it.

By Matt Kapko • Nov. 3, 2022

Industrial providers ramp up cyber risk posture as OT threats evolve

The majority of industrial organizations have increased OT security budgets and conducted security audits but aging technology and staffing woes persist, a new report found. 

By David Jones • Oct. 31, 2022

GAO to feds: More coordination needed to strengthen K-12 cybersecurity

The government watchdog said the Ed Department and CISA have “little to no interaction” with other agencies and the K-12 community on cybersecurity.

By Anna Merod • Oct. 25, 2022

Mandiant CEO pledges to automate threat intel under Google

Google’s chops in artificial intelligence, cloud computing and analytics play a central role in Mandiant’s emboldened vision.

By Matt Kapko • Oct. 17, 2022

Lloyd’s, after proactively taking systems offline, finds no evidence of compromise

Lloyd’s plans to restore full service by Wednesday after an investigation with Mandiant, NTT and its internal team.

By Naomi Eide • Oct. 10, 2022

Details emerge on CommonSpirit’s ‘IT security incident’ as more regions report disruptions

Some CommonSpirit hospitals across the country have been cut off from their electronic health records forcing them to revert to paper charts. 

By Samantha Liss • Oct. 5, 2022

State-linked actor targets VMware hypervisors with novel malware

The technique was discovered by Mandiant researchers looking into a campaign designed to avoid EDR detection.

By David Jones • Sept. 29, 2022

Most organizations had a cloud-related security incident in the past year

Security leaders consider the risk of cloud-based incidents higher than on-premises incidents, yet they expect to move more applications to the cloud. 

By David Jones • Sept. 28, 2022

Malicious OAuth applications used to control Exchange tenants in sweepstakes scam

Microsoft researchers said a threat actor launched credential-stuffing attacks against high-risk accounts that failed to deploy multifactor authentication.

By David Jones • Sept. 23, 2022

Stolen single sign-on credentials for major firms available for sale on dark web

Stolen SSO credentials are available for half of the top 20 public companies, and 25% of the entire S&P 500, BitSight found.

By David Jones • Sept. 21, 2022

State education leaders prioritize cybersecurity, but lack funding

In a survey by the State Educational Technology Directors Association, 57% of respondents said their state provides a low amount of funding for cybersecurity.

By Anna Merod • Sept. 15, 2022

Energy providers hit by North Korea-linked Lazarus exploiting Log4j VMware vulnerabilities

Cisco Talos researchers observed the advanced persistent threat actor infiltrating networks during a six-month campaign.

By Matt Kapko • Sept. 13, 2022

US Treasury sanctions Iran intelligence agency following Albanian government attack

The Treasury Department said Iran has engaged in malicious cyber activity against government and private sector organizations, including critical infrastructure targets, since at least 2007.

By David Jones • Sept. 12, 2022

Researchers warn older D-Link routers are under threat from Mirai malware variant

Attackers are leveraging vulnerabilities in the devices to build botnets and launch DDoS attacks, according to Palo Alto Networks research.

By David Jones • Sept. 8, 2022

Changing cyber insurance guidance from Lloyd’s reflects a market in turmoil

Rising ransomware attacks and higher payout demands have battered the insurance industry, leaving many organizations exposed and vulnerable. 

By David Jones • Aug. 29, 2022

How does Privileged Access Management work?

The model is a framework to help you set the right PAM foundation and get your organization on the PAM journey, now and in the future.

Aug. 29, 2022

Tips for how to safeguard against third-party attacks

Organizations need to demand and ensure all vendors implement rigorous security measures. Sometimes the least likely tools pose the most risk. 

By Matt Kapko • Aug. 25, 2022

Ransomware attack surges tied to crypto spikes

Not every ransomware attempt leads to a successful attack. But with more attempts comes more potential damage.

By Matt Kapko • Aug. 24, 2022

Credential stuffing hammers US businesses as account data for sale in bulk

Media companies, retailers, restaurant groups and food delivery services are at heightened risk, the FBI said.

By Matt Kapko • Aug. 23, 2022

LockBit ransomware group claims responsibility for Entrust attack

The prolific ransomware gang threatened to publish data stolen during the attack.

By Matt Kapko • Aug. 19, 2022

Mailchimp breach shines new light on digital identity, supply chain risk

Sophisticated threat actors are targeting weak links in the email marketing space to go after vulnerable financial targets.

By David Jones • Aug. 18, 2022