GAO to feds: More coordination needed to strengthen K-12 cybersecurity

The government watchdog said the Ed Department and CISA have “little to no interaction” with other agencies and the K-12 community on cybersecurity.

By Anna Merod • Oct. 25, 2022

Mandiant CEO pledges to automate threat intel under Google

Google’s chops in artificial intelligence, cloud computing and analytics play a central role in Mandiant’s emboldened vision.

By Matt Kapko • Oct. 17, 2022

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

Lloyd’s, after proactively taking systems offline, finds no evidence of compromise

Lloyd’s plans to restore full service by Wednesday after an investigation with Mandiant, NTT and its internal team.

By Naomi Eide • Oct. 10, 2022

Details emerge on CommonSpirit’s ‘IT security incident’ as more regions report disruptions

Some CommonSpirit hospitals across the country have been cut off from their electronic health records forcing them to revert to paper charts. 

By Samantha Liss • Oct. 5, 2022

State-linked actor targets VMware hypervisors with novel malware

The technique was discovered by Mandiant researchers looking into a campaign designed to avoid EDR detection.

By David Jones • Sept. 29, 2022

Most organizations had a cloud-related security incident in the past year

Security leaders consider the risk of cloud-based incidents higher than on-premises incidents, yet they expect to move more applications to the cloud. 

By David Jones • Sept. 28, 2022

Malicious OAuth applications used to control Exchange tenants in sweepstakes scam

Microsoft researchers said a threat actor launched credential-stuffing attacks against high-risk accounts that failed to deploy multifactor authentication.

By David Jones • Sept. 23, 2022

Stolen single sign-on credentials for major firms available for sale on dark web

Stolen SSO credentials are available for half of the top 20 public companies, and 25% of the entire S&P 500, BitSight found.

By David Jones • Sept. 21, 2022

State education leaders prioritize cybersecurity, but lack funding

In a survey by the State Educational Technology Directors Association, 57% of respondents said their state provides a low amount of funding for cybersecurity.

By Anna Merod • Sept. 15, 2022

Energy providers hit by North Korea-linked Lazarus exploiting Log4j VMware vulnerabilities

Cisco Talos researchers observed the advanced persistent threat actor infiltrating networks during a six-month campaign.

By Matt Kapko • Sept. 13, 2022

US Treasury sanctions Iran intelligence agency following Albanian government attack

The Treasury Department said Iran has engaged in malicious cyber activity against government and private sector organizations, including critical infrastructure targets, since at least 2007.

By David Jones • Sept. 12, 2022

Researchers warn older D-Link routers are under threat from Mirai malware variant

Attackers are leveraging vulnerabilities in the devices to build botnets and launch DDoS attacks, according to Palo Alto Networks research.

By David Jones • Sept. 8, 2022

Changing cyber insurance guidance from Lloyd’s reflects a market in turmoil

Rising ransomware attacks and higher payout demands have battered the insurance industry, leaving many organizations exposed and vulnerable. 

By David Jones • Aug. 29, 2022

How does Privileged Access Management work?

The model is a framework to help you set the right PAM foundation and get your organization on the PAM journey, now and in the future.

Aug. 29, 2022

Tips for how to safeguard against third-party attacks

Organizations need to demand and ensure all vendors implement rigorous security measures. Sometimes the least likely tools pose the most risk. 

By Matt Kapko • Aug. 25, 2022

Ransomware attack surges tied to crypto spikes

Not every ransomware attempt leads to a successful attack. But with more attempts comes more potential damage.

By Matt Kapko • Aug. 24, 2022

Credential stuffing hammers US businesses as account data for sale in bulk

Media companies, retailers, restaurant groups and food delivery services are at heightened risk, the FBI said.

By Matt Kapko • Aug. 23, 2022

LockBit ransomware group claims responsibility for Entrust attack

The prolific ransomware gang threatened to publish data stolen during the attack.

By Matt Kapko • Aug. 19, 2022

Mailchimp breach shines new light on digital identity, supply chain risk

Sophisticated threat actors are targeting weak links in the email marketing space to go after vulnerable financial targets.

By David Jones • Aug. 18, 2022

The same old problems nag cybersecurity professionals

Technical complexities abound as the perceived level of risk rises in an unrelenting fashion.

By Matt Kapko • Aug. 17, 2022

How attackers are breaking into organizations

Threat actors lean heavily on phishing attacks, vulnerabilities in software and containers, and stolen credentials, according to top cyber vendor research.

By Matt Kapko • Aug. 15, 2022

Critical flaws on widely used Cisco firewalls left unpatched for months

Most of the vulnerabilities allow attackers to execute arbitrary code, Rapid7 researchers said.

By David Jones • Aug. 12, 2022

Don’t count on government, tech vendors to fix security woes, former CISA chief Krebs says

The state of cybersecurity is bad and it’s going to get worse, Chris Krebs said at Black Hat. But somehow things might eventually get better.

By Matt Kapko • Aug. 10, 2022

AWS, Splunk lead open source effort to spot and curb cyberattacks

A broad group of 18 tech companies are collaborating to establish a less cumbersome model for cybersecurity defense coordination.

By Matt Kapko • Aug. 10, 2022

Cloudflare thwarts ‘sophisticated’ phishing attack strategy that bruised Twilio

Dissimilar responses from Cloudflare and Twilio bear important lessons in transparency, resiliency and access.

By Matt Kapko • Aug. 9, 2022