The same old problems nag cybersecurity professionals

Technical complexities abound as the perceived level of risk rises in an unrelenting fashion.

By Matt Kapko • Aug. 17, 2022

How attackers are breaking into organizations

Threat actors lean heavily on phishing attacks, vulnerabilities in software and containers, and stolen credentials, according to top cyber vendor research.

By Matt Kapko • Aug. 15, 2022

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

Critical flaws on widely used Cisco firewalls left unpatched for months

Most of the vulnerabilities allow attackers to execute arbitrary code, Rapid7 researchers said.

By David Jones • Aug. 12, 2022

Don’t count on government, tech vendors to fix security woes, former CISA chief Krebs says

The state of cybersecurity is bad and it’s going to get worse, Chris Krebs said at Black Hat. But somehow things might eventually get better.

By Matt Kapko • Aug. 10, 2022

AWS, Splunk lead open source effort to spot and curb cyberattacks

A broad group of 18 tech companies are collaborating to establish a less cumbersome model for cybersecurity defense coordination.

By Matt Kapko • Aug. 10, 2022

Cloudflare thwarts ‘sophisticated’ phishing attack strategy that bruised Twilio

Dissimilar responses from Cloudflare and Twilio bear important lessons in transparency, resiliency and access.

By Matt Kapko • Aug. 9, 2022

The 11 most-prevalent malware strains of 2021 fuel cybercrime

Cybercriminals remain the most prolific users of malware, wielding these top strains to deliver ransomware and steal data.

By Matt Kapko • Aug. 5, 2022

Ransomware defense guidance risks hang-ups under many steps

Small and mid-sized businesses don’t typically have the resources to meet every safeguard. But every action, however small, helps.

By Matt Kapko • Aug. 4, 2022

Threat actors hide malware in legitimate — and high profile — applications

Researchers from VirusTotal show how attackers use social engineering techniques to launch malicious attacks behind trusted applications.

By David Jones • Aug. 3, 2022

Initial access brokers selling online access to unsuspecting MSPs

The ads for initial access to MSPs follow warnings from the FBI, CISA and intelligence partners from the Five Eyes.

By David Jones • Aug. 2, 2022

Most cyberattacks come from ransomware, email compromise

Attackers are scanning for vulnerabilities in unpatched systems within 15 minutes, stressing the pace and scale of the threat.

By Matt Kapko • Aug. 1, 2022

Threat actors shifting tactics as Microsoft blocks, unblocks and reblocks macros

Proofpoint researchers say criminal hackers are turning to container files and Windows shortcuts to distribute malware.

By David Jones • July 29, 2022

Mandiant red team breaches OT servers to mimic crime group techniques

Researchers are not aware of financially motivated actors using these techniques in the wild.

By David Jones • July 27, 2022

New ransomware discovered using Rust, atypical encryption

Luna’s use of platform-agnostic code allows threat actors to initiate attacks on different operating systems concurrently.

By Matt Kapko • July 20, 2022

LockBit ransomware hitting network servers

The latest tactic used to deploy the prolific malware allows threat actors to end processes, stop services and duplicate more quickly.

By Matt Kapko • July 20, 2022

State-backed threat actors use Google Drive, Dropbox to launch attacks

The Russia-linked threat actor behind the SolarWinds attack used cloud storage services to deploy malicious payloads using Cobalt Strike. 

By David Jones • July 19, 2022

US effort to rip and replace hardware made in China is ballooning in cost

A yearslong push to remove telecom equipment deemed a national security threat continues to vex regulators.

By Matt Kapko • July 18, 2022

CISA releases indicators of compromise for hard-hit VMware Horizon

Federal authorities warn a more complex form of malware is providing advanced persistent threat actors with vast command and control capabilities.

By Matt Kapko • July 18, 2022

Cyber insurers split on what’s most important in a security posture assessment

To keep up with demand, cyber insurers acknowledge the need to rethink the underwriting process, research from Panaseer shows.

By Naomi Eide • July 15, 2022

Threat actors favor brute force attacks to hit cloud services

Google Cloud warned that organizations face their greatest threat due to weak passwords and vulnerable software.

By Matt Kapko • July 12, 2022

How CISOs can prepare for new and unpredictable cyberthreats

CISOs often ask, “How do I avoid being hit by the next major cyberattack?” The problem is, that’s the wrong question.  

By Jeremy D’Hoinne • July 11, 2022

What to watch with 5G network security

For wireless network carriers, 5G is a model of what’s next. But it also introduces features and services that dramatically expand the threat surface.

By Matt Kapko • July 8, 2022

Hive ransomware group migrates code to Rust, accelerating data encryption

Microsoft warns the newly discovered variant of one of the most prevalent ransomware payloads can process large amounts of data more quickly.

By Matt Kapko • July 6, 2022

Threat actors capitalize on red team tool capable of bypassing EDR, antivirus

A malware sample uploaded to VirusTotal contained a malicious payload Brute Ratel C4. Upon evaluation, 56 vendors gave it a clean bill of health.

By David Jones • July 6, 2022

Google TAG exposes hack-for-hire groups targeting activists and sensitive data

The organizations have operated in regions across the globe, with some openly advertising their services.

By David Jones • July 5, 2022