Is XDR the next best security solution?

SOCs are still learning about extended detection and response and how to apply it to an existing security stack. But when properly deployed, it's an asset for incident response.

By Samantha Schwartz • Aug. 11, 2021

APT actors target Microsoft 365 using novel techniques

Nation states are combining old techniques with newer methods to establish persistence and steal valuable data from organizations. 

By David Jones • Aug. 6, 2021

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

Initial access brokers sell a way in, widening the ransomware market

The most popular network access points sold on the dark web offer insight for security teams to better understand what is most vulnerable to ransomware.

By Samantha Schwartz • Aug. 2, 2021

OT cyberattacks could threaten human safety by 2025: Gartner

Critical infrastructure facilities are struggling to contain sophisticated malware and ransomware threats, Gartner research shows.

By David Jones • July 26, 2021

Why cybersecurity keeps payments executives up at night

Payments are a critical part of the nation's infrastructure, so executives in the industry are under pressure to understand the evolving threat landscape.

By Mercedes Cardona • July 21, 2021

Ransomware defenses fail to prevent attack: report

While 54% of organizations conduct anti-phishing training, 24% of ransomware attacks used phishing as the point of entry, a Cloudian survey found.

By Katie Malone • July 20, 2021

REvil vanished from the internet. But ransomware attackers never fully disappear

The hacking group's absence left echoes of high-profile ransomware attacks in its wake. But few think the group is gone for good. Consider this a brief respite.

By Naomi Eide • July 19, 2021

Cloud targeted in widespread brute force campaign

The defense, logistics and energy sectors are among the various entities under threat by the campaign, which targets organizations using Microsoft Office 365.

By David Jones • July 2, 2021

Cobalt Strike rising in prominence among criminal threat actors

The penetration testing tool became a favored weapon in high-profile campaigns, including SolarWinds and the recent Nobelium email attacks.

By David Jones • July 1, 2021

Spoofing, spear phishing dominate BEC attacks: report

Threat actors are targeting the C-suite and corporate finance departments with the goal of stealing credentials or unleashing malicious payloads. 

By David Jones • June 29, 2021

Microsoft customer service agent briefly hit by fresh Nobelium attacks

The threat actor behind the SolarWinds attacks used brute force and password spraying in a new round of attacks, mainly targeting IT and government agencies.

By David Jones • June 28, 2021

How colleges can be proactive about the ransomware threat

Increased online activity during the pandemic intensified the impact of cyberattacks on higher ed, one expert explains.

By Hallie Busta • June 22, 2021

Biden confronts Putin on cyberattacks, private sector optimistic

The U.S. president drew a line with the Russian leader on critical infrastructure as the countries plan to cooperate on reducing malign activity.

By David Jones • June 17, 2021

CISOs earn higher profile with remote work, evolving threats

Corporate boards are demanding regular updates on the latest threats, while simultaneously asking CISOs to make sure workers meet business objectives in the most secure manner possible.

By David Jones • June 3, 2021

Phishing attack against US government, NGOs shakes assumptions on containment

As federal authorities flex new, aggressive steps to deter malicious activity, analysts warn that an evolving threat actor may challenge industry's ability to trust anything. 

By David Jones • June 2, 2021

Beware open source when going zero trust, expert says

To combat software insecurities, begin with software inventory and a software bill of materials requirement.

By Samantha Schwartz • May 25, 2021

Ransomware seen as top cyberthreat as extortion demands, payouts soar

Two leading threat intelligence experts warned of future risks as U.S. relations with nation-state cyber adversaries hit rock bottom, especially as attackers use shame as a tool. 

By David Jones • May 24, 2021

SolarWinds CEO extends hack timeline, rethinks intern blame

Investigators established the timeline after stumbling upon code that showed the attackers were embedded in the system since the beginning of 2019.

By David Jones • May 20, 2021

Critical infrastructure flaws surface after years of underinvestment, inaction

Providers — particularly in the energy sector — knew the warning signs but were slow to respond.

By David Jones • May 11, 2021

Third-party risk and why it matters

If not monitored or tracked, third-party remote access can expose networks to cyber threats and allow entry to bad actors who can wreak havoc on an organization's internal systems.

May 10, 2021

Targeted industrial control systems add cautionary flag to cyber defense strategies

A Defend Forward strategy used in the IT space may not translate well in the OT environment, according to panelists at the Hack the Capitol conference. 

By David Jones • May 6, 2021

What happens if threat data isn't shared?

Threats only have meaning if companies decide they do; if an organization does not deem a threat serious enough, they can go unshared. 

By Samantha Schwartz • April 30, 2021

Cyberattack on Passwordstate tests confidence in password managers

The supply chain attack is raising questions about how best to deploy and secure the tools as corporations face heightened threats across the globe.

By David Jones • April 27, 2021

Global supply chains grapple with international cyberpowers

Cybersecurity intertwines industry with geopolitics. Governments will have to grapple with how to balance national security, business continuity and intellectual property protection.

By Samantha Schwartz • April 26, 2021

Protect the keys to the kingdom: Email cyberattacks open doors to core assets

Any type of cyberattack is bad news for an organization, but when email servers are breached, cybercriminals have ready access to a company's most sensitive assets. 

By Sue Poremba • April 16, 2021