Threats: Page 3


  • cybersecurity, talent shortage, retention, leadership
    Image attribution tooltip
    Getty Images via Getty Images
    Image attribution tooltip

    Ivanti Connect Secure devices face active exploitation, patch schedule staggered

    Unauthenticated attackers can take control of systems by exploiting the zero days, which a suspected state-linked threat actor is chaining together. 

    By Jan. 11, 2024
  • Rendering of digital data code in safety security technology concept.
    Image attribution tooltip
    iStock/Getty Images Plus via Getty Images
    Image attribution tooltip

    5 cybersecurity trends to watch in 2024

    Preventative measures remain woefully unmet, the scourge of ransomware is as bad as its ever been, and a wave of new incident reporting and compliance regulations are taking hold. Buckle up, 2024 is here.

    By , Jan. 10, 2024
  • A close up of a cursor arrow hovering over an X on a screen, pixelated with red, blue and green colors. Explore the Trendline
    Image attribution tooltip
    ar-chi via Getty Images
    Image attribution tooltip
    Trendline

    Risk Management

    Now, public companies have to detail their cybersecurity risk management in annual filings, raising awareness on what many cyber experts already knew — security issues are business issues. 

    By Cybersecurity Dive staff
  • The welcome screen for the OpenAI ChatGPT app is displayed on a laptop screen.
    Image attribution tooltip
    Leon Neal via Getty Images
    Image attribution tooltip

    How to ensure data privacy in a ChatGPT world

    CISOs and CIOs have to balance the need to restrict sensitive data from generative AI tools with the need for businesses to use these tools to improve processes and increase productivity. 

    By Sue Poremba • Jan. 9, 2024
  • Exclamation mark depicted over code.
    Image attribution tooltip
    WhataWin/Getty Images via Getty Images
    Image attribution tooltip

    DDoS attack traffic surged in 2023, Cloudflare finds

    Elevated malicious DDoS activity coincided with mass exploits of the novel zero-day vulnerability HTTP/2 Rapid Reset, which threat actors used to launch DDoS attacks last year.

    By Jan. 9, 2024
  • Santa Claus
    Image attribution tooltip
    iStock / Getty Images Plus via Getty Images
    Image attribution tooltip

    Fleeting fake delivery phishing campaign targets last-minute shoppers

    Text messages disguised as urgent or failed delivery notifications can create tension between impersonated delivery service companies and legitimate customers.

    By Dec. 22, 2023
  • A round industrial building behind a pool of water with a walkway over top
    Image attribution tooltip
    (2008). Retrieved from Environmental Protection Agency.
    Image attribution tooltip

    Water utility cyberattacks underscore ongoing threat to OT

    U.S. officials urged water utilities and industrial sites to employ basic configuration safeguards like securing internet-facing devices and changing default passwords following a series of attacks.

    By Dec. 5, 2023
  • A wastewater treatment plant powered by wind turbines and solar panels near Atlantic City in New Jersey, USA. Aerial elevated view at the sunset.
    Image attribution tooltip
    Alex Potemkin via Getty Images
    Image attribution tooltip

    Authorities raise alarm on threats against water, other critical sectors

    An ongoing cyber campaign against Unitronics PLC devices has impacted multiple U.S. water facilities, but authorities are also monitoring energy, healthcare, and food and beverage manufacturing.

    By Dec. 4, 2023
  • A close up of the Department of Treasury seal on the front of the headquarters with "the Department of Treasury" and "1789" on an outer circle and a shield with the scales of justice up top and a key.
    Image attribution tooltip
    Chip Somodevilla via Getty Images
    Image attribution tooltip

    For financial services firms, a pattern of malicious cyber activity is emerging

    The suspected ransomware attack against Fidelity National Financial marks the latest in a series of incidents, leading regulators to take additional enforcement actions.

    By Nov. 29, 2023
  • Exterior of Citrix office complex.
    Image attribution tooltip
    Justin Sullivan/Getty Images via Getty Images
    Image attribution tooltip

    CitrixBleed worries mount as nation state, criminal groups launch exploits

    LockBit 3.0 affiliates targeted a unit of Boeing and federal authorities have alerted almost 300 organizations they are vulnerable to attack.

    By Nov. 22, 2023
  • Black Friday weekend 25% off discount banner in a boutique.
    Image attribution tooltip
    Shaun Taylor via Getty Images
    Image attribution tooltip

    Retailers brace for cyberthreat feast ahead of Thanksgiving shopping weekend

    A rise in social engineering and generative AI pose increased risks as phishing attacks and ransomware gain speed and grow more sophisticated.

    By Nov. 21, 2023
  • Programming scripts on laptop monitor, unauthorized remote hacking of server
    Image attribution tooltip
    Motortion via Getty Images
    Image attribution tooltip

    SMBs hit by rise in legitimate tool-based attacks

    Attackers are moving away from malware and evading detection by abusing remote monitoring and management software, according to Huntress research.

    By Nov. 21, 2023
  • A series of hexagonal blocks with locks on them, one of which is broken, with a red background.
    Image attribution tooltip
    Andrii Yalanskyi via Getty Images
    Image attribution tooltip

    Companies are getting smarter about cyber incidents

    Although incidents are up and risks are expanding, businesses are better prepared to send threat actors away empty-handed, a specialist says.

    By Robert Freedman • Nov. 21, 2023
  • Brightly colored digital lock with central computer processor and futuristic circuit board.
    Image attribution tooltip
    da-kuk via Getty Images
    Image attribution tooltip

    Dragos again targeted by ransomware group, this time from AlphV

    The industrial cybersecurity specialist previously thwarted a shakedown attempt in May and says the current threat has not been substantiated.

    By Nov. 13, 2023
  • Exterior of MGM Grand Hotel & Casino in Las Vegas
    Image attribution tooltip
    Ethan Miller via Getty Images
    Image attribution tooltip

    MGM Resorts anticipates no further disruptions from September cyberattack

    The company expects insurance to cover more than $100 million in losses stemming from lost bookings and disruptions at its Las Vegas properties.

    By Nov. 9, 2023
  • A croupier holds poker cards in his hands at a table in a casino.
    Image attribution tooltip
    Lacheev via Getty Images
    Image attribution tooltip

    Ransomware targeting casinos is on the rise, FBI warns

    Threat actors have used phishing attacks and exploited vulnerabilities in third-party vendor remote access tools to target the casino gaming industry.

    By Nov. 9, 2023
  • An exterior image of a hotel
    Image attribution tooltip
    Robert Mora via Getty Images
    Image attribution tooltip

    Caesars shakes off cyberattack with strong Q3 Las Vegas demand

    The casino operator, however, faces extensive litigation and government inquiries following theft of its customer rewards database.

    By Nov. 1, 2023
  • Teacher Giving Computer Science Lecture to Diverse Multiethnic Group of Female and Male Students in Dark College Room.
    Image attribution tooltip
    gorodenkoff via Getty Images
    Image attribution tooltip

    Cisco releases security fix for widely-exploited IOS XE software vulnerability

    An unidentified threat actor is linked to attacks dating back to mid-September, resulting in about 42,000 exploited devices.

    By Updated Oct. 23, 2023
  • SEC reporting
    Image attribution tooltip
    Kobus Louw via Getty Images
    Image attribution tooltip

    SMBs seek cyber training, support as attack risk surges

    A report from Sage indicates SMBs face considerable obstacles to preventing cyberattacks when compared to larger, higher resourced enterprises.

    By Oct. 16, 2023
  • Double exposure shot of backside of a computer and red binary codes.
    Image attribution tooltip
    Suebsiri via Getty Images
    Image attribution tooltip

    CISA urges security upgrades as DDoS continues to target Rapid Reset zero day

    Microsoft released guidance on mitigation steps, while F5 warned about denial of service attack risk against Nginx Open Source.

    By Oct. 11, 2023
  • Header image for "43% of Audit Executives Rank Cybersecurity Controls as 2023's Lead Risk"
    Image attribution tooltip
    Colin Anderson Productions pty ltd
    Image attribution tooltip

    Cloud giants sound alarm on record-breaking DDoS attacks

    Google, AWS and Cloudflare warned the HTTP/2 Rapid Reset attacks are beyond anything ever recorded. 

    By Oct. 10, 2023
  • Jen Easterly speaks during a fireside chat at the Billington Cybersecurity Summit.
    Image attribution tooltip
    Courtesy of Billington
    Image attribution tooltip

    CISA pivots focus to China-linked threats against critical infrastructure

    The agency now considers China the top nation-state threat, after a heavy emphasis on risks related to the Russia-Ukraine war.

    By Oct. 5, 2023
  • Brightly colored digital lock with central computer processor and futuristic circuit board.
    Image attribution tooltip
    da-kuk via Getty Images
    Image attribution tooltip

    Cisco routers abused by China-linked hackers against US, Japan companies

    A longstanding group, identified as BlackTech, uses custom malware to evade detection and hack into international subsidiaries of U.S. and Japanese firms.

    By Sept. 28, 2023
  • Group of employees at a table
    Image attribution tooltip
    AndreyPopov via Getty Images
    Image attribution tooltip

    Average insider cyberthreat cost spikes 40% in 4 years

    Outsmarting insiders is a “go-to tactic” for many cyberattackers looking to steal credentials and gain access to critical data, the Ponemon Institute found.

    By Alexei Alexis • Sept. 22, 2023
  • Chatbot conversation. Person using online customer service with chat bot to get support. Artificial intelligence and CRM software automation technology. Virtual assistant on internet.
    Image attribution tooltip
    NicoElNino via Getty Images
    Image attribution tooltip

    AI is entering the enterprise application security tool stack

    Reports from Gartner and Rackspace show a broad enterprise appetite to weave AI into the tool stack, especially across application security.

    By Sept. 20, 2023
  • FBI Director Chris Wray addresses the 2023 mWISE Conference from Mandiant.
    Image attribution tooltip
    Courtesy of Mandiant
    Image attribution tooltip

    FBI director urges private sector to work with the agency on cyber threats

    Christopher Wray told attendees at Mandiant’s mWISE 2023 private sector assistance contributed to the success of several recent operations.

    By Sept. 19, 2023