The value of threat modeling in an evolving security landscape

The flow of information is more unpredictable than it was just a few years ago, so the threat modeling that was once used doesn't work today. 

By Sue Poremba • Nov. 29, 2021

Enterprises prepare for ransomware threats during Thanksgiving

Retail, transportation and other sectors are bracing for heightened cyber risks, placing renewed pressure on security operations. 

By David Jones • Nov. 22, 2021

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

Data resilience: The new frontier of modern day protection

With data under constant stress, now is the time to shift from data protection to data resiliency.

By Stephen Manley, CTO, Druva • Nov. 22, 2021

ICS security investments blocked by management confusion

Until cyber risks in operational technology are better understood — and IT and OT can overcome cultural differences — companies can stall additional investments.  

By Samantha Schwartz • Nov. 10, 2021

Ransomware actors attempt to toy with stock valuation, disrupt M&A, FBI says

The agency warns that threat actors are trying to access time sensitive information in order to force targeted companies into making fast decisions on whether to pay a ransom. 

By David Jones • Nov. 3, 2021

Most companies dealing with employee misuse of business apps: report

Nearly half of organizations say they lack the ability to see how remote workers are using business applications that contain high-value data.

By David Jones • Nov. 2, 2021

Hackers could crash the US power grid, but money, not sabotage, is their focus

For now, the capability remains in the hands of nation-state actors. But "sophistication can ultimately be bought," Edison Electric Institute's Scott Aaronson said.

By Robert Walton • Nov. 2, 2021

SolarWinds threat actor targets cloud services, Microsoft 365 mailboxes

The threat actor is using a tactic called EWS impersonation to target mailboxes in Microsoft 365 and is also using cloud service providers to target end users, Mandiant researchers said. 

By David Jones • Nov. 1, 2021

Identity crisis: Why ransomware groups rebrand — and disappear

Criminals are not known for telling the truth, but what they say is usually the only explanation for a disappearance. Even if it is a lie.

By Samantha Schwartz • Oct. 28, 2021

Cyberattacks spur demand for cyber insurance: Moody's

"This is a critical area that we're challenged with," Securities and Exchange Commission Chair Gary Gensler said, describing the agency’s sharper focus on cyber risk.

By Jim Tyson • Oct. 22, 2021

Federal agencies warn of ransomware targeting water, wastewater treatment plants

Months after the attack on a Florida water treatment plant, the FBI, CISA and other agencies are concerned about a new round of threats to vulnerable municipal sites.

By David Jones • Oct. 18, 2021

2021 ransomware bitcoin activity eclipses last year, Treasury finds

The number of suspicious activity report transactions is already up 30% over 2020 numbers and the agency has tracked billions of dollars in outgoing bitcoin payments potentially linked to ransomware.

By Samantha Schwartz • Oct. 18, 2021

Cybersecurity tool sprawl leading to burnout, false positives: report

Security operations teams are wasting time on false alerts due to managing a high number of tools that don't interact well with each other, Trend Micro found.

By David Jones • Oct. 13, 2021

Insider threat environment faces challenges amid changing corporate landscape

As remote work becomes permanent and employee turnover rises, companies face additional challenges in protecting sensitive data, according to a panel discussion at Mandiant Cyber Defense Summit.

By David Jones • Oct. 6, 2021

NIST urges supply chain to include cyber in risk management

Industries that rely heavily on technology are the best at incorporating cyber in their supply chain risk management plans, according to NIST's Jon Boyens.

By Samantha Schwartz • Oct. 5, 2021

REvil, DarkSide highlight surge in Q2 ransomware attacks: report

The government sector saw more ransomware attacks, while financial services companies faced increased threats in the cloud, according to McAfee Enterprise research.

By David Jones • Oct. 4, 2021

With remote work, any employee could be an insider threat. How is CISA mitigating the risk?

CISA released a self-assessment tool which organizations can use to generate reports on their tolerance and capabilities for preventing insider threats. 

By Samantha Schwartz • Sept. 30, 2021

Microsoft, under attack from threat actors, positions itself as cyber guardian

The pandemic created more business opportunity, but malicious actors dogged the company's technology stack. Now, the very same products touted as security defense tools are under fire. 

By David Jones • Sept. 29, 2021

Microsoft warns of new credential-stealing backdoor from SolarWinds threat actor

The newly identified malware, called FoggyWeb, has been observed since April and is used to steal from compromised AD FS servers. 

By David Jones • Sept. 28, 2021

Ransomware compromises customer data in farm co-op attack

A Minnesota-based co-op became the second agricultural firm in recent days to be the target of ransomware, just weeks after the FBI and CISA warned of a wider threat to the industry.

By David Jones • Updated Sept. 24, 2021

After 400 attacks, feds warn of Conti ransomware

Nearly a year after U.S. security agencies warned the healthcare sector about Ryuk, the same threat actors are reemerging as a risk to businesses.

By Samantha Schwartz • Sept. 23, 2021

Enterprises plan major investments as remote work escalates security risk: report

Companies face significant challenges in managing security as the work-from-home model moves from an emergency stopgap to a more permanent environment. 

By David Jones • Sept. 22, 2021

Treasury sanctions crypto exchange Suex in push to thwart ransomware

While more legal measures await international cybercrime, the government is sending interim messages to ransomware gangs.

By Samantha Schwartz • Sept. 22, 2021

Fortinet credential drop linked to fissure in ransomware group

Researchers linked a new ransomware syndicate called Groove to the Fortinet VPN credential dump, following a rift involving affiliates of Babuk.

By David Jones • Sept. 10, 2021

Ransomware capitalizes on holiday weekends. Feds urge vigilance over Labor Day

The FBI and CISA implored companies and agencies to backup data and use proactive threat-hunting measures to mitigate any potential attacks. 

By David Jones • Sept. 1, 2021