Threats: Page 2
-
HHS warns industry about resurfaced ransomware group after attack on cancer center
In a cybersecurity notification, the department warned the sector about TimisoaraHackerTeam, or THT, after an attack on a U.S. cancer center that “significantly reduced” its capability to treat patients.
By Emily Olsen • June 21, 2023 -
Barracuda ESG devices actively exploited in broad, ongoing espionage campaign
The campaign is the broadest by a China-nexus actor since the mass exploitation of Microsoft Exchange in 2021, Mandiant researchers said.
By David Jones • Updated June 15, 2023 -
Explore the Trendline➔
da-kuk via Getty ImagesTrendlineTop 5 stories from Cybersecurity Dive
High-profile cybersecurity incidents and a rush to adopt new technologies illustrate the tumultuousness of 2023 so far.
By Cybersecurity Dive staff -
Microsoft review of Azure outage shows spike in HTTP requests as researchers blame DDoS
The Azure incident followed a series of outages in Outlook, OneDrive and other services last week. An alleged hacktivist group claimed responsibility for DDoS attacks.
By David Jones • June 14, 2023 -
Microsoft says Azure disrupted after a week of repeated service outages
The vendor is still investigating claims of DDoS attacks by a hacktivist group called Anonymous Sudan, after OneDrive, Outlook and other services were disrupted.
By David Jones • June 12, 2023 -
Microsoft investigating threat actor claims following multiple outages in 365, OneDrive
A hacktivist group known as Anonymous Sudan has claimed to be involved in DDoS attacks.
By David Jones • June 9, 2023 -
Cyber insurance market is stabilizing as growth remains certain, Moody’s says
Escalating price increases have moderated as the business has become profitable. Insurance firms are placing tight controls regarding cyber hygiene practices.
By David Jones • June 8, 2023 -
Cybercriminals target C-suite, family members with sophisticated attacks
A study by BlackCloak and Ponemon shows senior executives are being targeted for IP theft, doxxing and extortion, often through home office networks.
By David Jones • June 5, 2023 -
Moody’s cites credit risk from state-backed cyber intrusions into US critical infrastructure
Key sectors could face short-term revenue impacts and long-term reputational harm and litigation risk, the credit ratings service said.
By David Jones • May 31, 2023 -
Ahead of summer holiday weekends, IT security leaders brace for deliberate cyber mischief
Recent history shows holiday weekends and vacations provide an attack surface bonanza for threat actors.
By David Jones • May 26, 2023 -
SMBs, regional MSPs under fire from targeted phishing attacks
Sophisticated cybercriminals are attacking vulnerable target rich and resource poor organizations to reach secondary victims via phishing campaigns, Proofpoint researchers warn.
By Matt Kapko • May 24, 2023 -
BEC attacks rise as criminal hackers employ new tactics to evade detection
Threat actors are using cybercrime as a service to grow industrial strength campaigns and leveraging residential IP addresses.
By David Jones • May 23, 2023 -
Criminal actors switch tactics after Microsoft began to block macros last year
Researchers from Proofpoint have seen a rise in HTML smuggling, PDFs and OneNote files for malware delivery since late 2022.
By David Jones • May 12, 2023 -
Ransomware insurance claims jump back up
Ransomware claims filed by U.S. clients of insurance broker Marsh spiked 77% in the first quarter, following a downward trend in 2022.
By Alexei Alexis • May 10, 2023 -
CISO anxiety returns amid heightened concern of material cyberattacks
A report by Proofpoint shows a brief sense of calm about cyber has slipped away amid rising fears of economic uncertainty and insider threats.
By David Jones • May 9, 2023 -
Western Digital confirms customer data accessed by hackers in attack
The company has begun notifying customers about stolen data and expects to restore its online store next week.
By David Jones • May 8, 2023 -
Companies need a wakeup call to fix chronic security shortcomings, cyber experts say
One researcher wonders if the industry needs another Snowden-like moment to spring organizations into action.
By Matt Kapko • May 3, 2023 -
Merck cyber coverage upheld in NotPetya decision, seen as victory for policyholders
A court victory in the closely watched insurance case is expected to stabilize a turbulent market and provide some assurance for organizations amid a rise in nation-state activity.
By David Jones • May 3, 2023 -
3 areas of generative AI the NSA is watching in cybersecurity
Generative AI is a “technological explosion,” NSA Cybersecurity Director Rob Joyce said. While it is game changing, it hasn’t yet delivered.
By Matt Kapko • May 1, 2023 -
Organizations are boosting resilience, getting faster at incident response
While the number of data security incidents remained level between 2021 and 2022, companies improved recovery thanks to stronger security measures, BakerHostetler found.
By David Jones • May 1, 2023 -
Teenagers, young adults pose prevalent cyberthreat to US, Mandiant says
The brains behind high-profile attacks last year, teenagers and young adults use sophisticated social engineering techniques for intrusions.
By Matt Kapko • April 25, 2023 -
Early warning threat information platform launched for OT
The platform will provide a vendor-agnostic option for sharing early threat information and intelligence across industries, the group said Monday.
By David Jones • April 24, 2023 -
Threat actors can use ChatGPT to sharpen cyberthreats, but no need to panic yet
Startling dangers, such as autonomous attack mechanisms and sophisticated malware coding, have yet to materialize. For now, the threat is more specific.
By Matt Kapko • April 21, 2023 -
3CX attack caused by another supply chain attack, Mandiant says
Mandiant Consulting CTO Charles Carmakal called the incident very novel and quite scary after the firm traced the attack to a previous compromise in financial trading software from Trading Technologies.
By Matt Kapko • April 20, 2023 -
Microsoft summons weather events to name threat actors
Under the new taxonomy, a blizzard or typhoon designation represents a nation-state actor and financially motivated threat actors fall under the family name tempest.
By Matt Kapko • April 19, 2023 -
Opinion
ChatGPT at work: What’s the cyber risk for employers?
The use of ChatGPT could run afoul of company policy, copyright concerns, customer confidentiality or even international privacy laws, BlackBerry’s CISO writes. Here’s what businesses should consider.
By Arvind Raman • April 11, 2023