Threats: Page 18
-
SolarWinds threat actors accessing Microsoft 365 by altering permissions
Mandiant observed a threat actor linked to the SolarWinds campaign using a stealthy approach to read email in targeted mailboxes.
By David Jones • March 22, 2021 -
Microsoft deploys more updates to contain Exchange server fallout
The FBI and CISA are warning of additional threats from nation states and threat actors as patching and security updates leave many vulnerable companies exposed.
By David Jones • March 12, 2021 -
Explore the Trendline➔
.shock via Getty Images
TrendlineRisk Management
An esclation of cyber risks facing businesses and government has made cyber resilience a major priority.
By Cybersecurity Dive staff -
DearCry ransomware latching onto Exchange hack, Microsoft says
Patching is the only answer — for now.
By Samantha Schwartz • March 12, 2021 -
What's in your software? Federal initiative targets frequently overlooked electric utility vulnerabilities
Software supply chain issues are the subject of a new collaboration between the electric power sector and federal government.
By Robert Walton • March 11, 2021 -
Enterprises scramble to secure Microsoft Exchange as cybercriminals rush in
Researchers fear, more than two months after the threat was discovered, criminal hackers have had plenty of time to loot data or plant undetected seeds of compromise.
By David Jones • March 10, 2021 -
55% of healthcare breaches feature ransomware: report
The healthcare industry is a favored target by cybercriminals: Hospitals cannot tolerate downtime or put off emergency patient care.
By Samantha Schwartz • March 10, 2021 -
How do companies assess risk? It's a system-by-system question
Every piece of technology is vulnerable to threat actors, but each organization and cybersecurity team decides which software and technology adds risk to its business operations.
By Sue Poremba • March 9, 2021 -
Microsoft Exchange server compromise escalates as mitigation efforts fall short
Officials warn that patching may not fix compromised systems, while tens of thousands of customers are potentially at risk.
By David Jones • March 8, 2021 -
3 new malware strains show persistence, sophistication of SolarWinds actor
The malware strains, identified by Microsoft, were used in targeted, late-stage attacks to compromise a select number of companies last year.
By David Jones • March 5, 2021 -
Traitov/iStock/Getty via Getty Images
Malicious email campaigns target business platforms following remote work surge
Phishing attacks are more becoming targeted, less frequent and use PII to harvest credentials.
By David Jones • March 4, 2021 -
What makes ransomware a constant enterprise pain point
Threat groups mimic and manipulate the tactics, techniques and procedures of other groups, making ransomware attacks more difficult to prevent.
By Samantha Schwartz • March 3, 2021 -
Stock Photo via Getty Images
Exploited Microsoft Exchange campaign hits hundreds of organizations, researchers find
The nation-state campaign, which Microsoft has linked to China, have targeted on-premises Exchange server vulnerabilities to steal U.S. enterprise data.
By David Jones • March 3, 2021 -
SolarWinds missed early security warnings
Lawmakers scrutinized SolarWinds' security practices, including its use of "solarwinds123" as a password, a lapse blamed on a former intern.
By David Jones • March 1, 2021 -
Courtesy of Target
How Target bridges communication gaps between threat intel analysis, detection teams
The WAVE matrix, a tool the retailer built in-house, is transferable to smaller teams with employees covering multiple security domains.
By Samantha Schwartz • Feb. 25, 2021 -
Cloud is a haven for malware, Netskope finds
Phishing and malware pushed companies to focus on protecting endpoints and assessing cloud storage security, especially in a remote work environment.
By Samantha Schwartz • Feb. 24, 2021 -
Apple faces malware threats as it makes an enterprise push
Apple made recent inroads with corporate customers and is detailing extensive security upgrades as a way of attracting the enterprise. Through it all, new techniques test the company's defenses.
By David Jones • Feb. 23, 2021 -
An, Min. Retrieved from Pexels.
Universities, companies battle the same cyberthreats, toppled by sophisticated actors
BlueVoyant research shows top U.S. schools have major weaknesses defending against the most common threats: ransomware and data breaches.
By Samantha Schwartz • Feb. 23, 2021 -
Microsoft says it was not a SolarWinds attack vector, after completing internal probe
The company confirmed limited amounts of source code for Azure, Exchange and Intune were downloaded.
By David Jones • Feb. 19, 2021 -
Adeline Kon for Cybersecurity Dive/Cybersecurity Dive
How can data manipulation impact the bottom line?
Factoring disinformation into a threat model can allow a company to combat lies and protect its reputation.
By Samantha Schwartz • Feb. 17, 2021 -
Ransomware, poor security drove spike in healthcare breaches in 2020
A rise in ransomware and phishing attacks led to a 55% increase in healthcare breaches last year, according to Bitglass.
By David Jones • Feb. 17, 2021 -
One-third of analysts ignore security alerts, survey finds
With an ever-increasing number of alerts, identifying what to ignore is an impossible mission without scalable technology.
By Samantha Schwartz • Feb. 16, 2021 -
Organizations running SolarWinds Orion online drops 25% since December: report
A report by RiskRecon shows only 8% of entities operating on the internet actually upgraded to later versions based on SolarWinds security recommendations.
By David Jones • Feb. 12, 2021 -
Rangel, David. [photograph]. Retrieved from https://unsplash.com/photos/4m7gmLNr3M0.
Software supply chain hacks highlight an ugly truth: The build process is broken
Software makers are coming to terms with security gaps they knew existed as the fallout from the SolarWinds hack continues.
By Samantha Schwartz • Feb. 11, 2021 -
Open source blind trust the culprit in ethical breach of 35 companies
Microsoft, one of the breached companies, encourages organizations to use controlled scopes, namespaces or prefixes to protect package names.
By Samantha Schwartz • Feb. 10, 2021 -
sestovic via Getty Images
Long-term SolarWinds consequencesSolarWinds fallout turns security eye to Microsoft Office 365
Office 365 has been linked to incidents ranging from points of compromise to the unauthorized email access of government officials.
By David Jones • Feb. 9, 2021
Previous
