Cisco releases security fix for widely-exploited IOS XE software vulnerability

An unidentified threat actor is linked to attacks dating back to mid-September, resulting in about 42,000 exploited devices.

By David Jones • Updated Oct. 23, 2023

SMBs seek cyber training, support as attack risk surges

A report from Sage indicates SMBs face considerable obstacles to preventing cyberattacks when compared to larger, higher resourced enterprises.

By David Jones • Oct. 16, 2023

Explore the Trendline➔

Risk Management

Now, public companies have to detail their cybersecurity risk management in annual filings, raising awareness on what many cyber experts already knew — security issues are business issues. 

By Cybersecurity Dive staff

CISA urges security upgrades as DDoS continues to target Rapid Reset zero day

Microsoft released guidance on mitigation steps, while F5 warned about denial of service attack risk against Nginx Open Source.

By David Jones • Oct. 11, 2023

Cloud giants sound alarm on record-breaking DDoS attacks

Google, AWS and Cloudflare warned the HTTP/2 Rapid Reset attacks are beyond anything ever recorded. 

By David Jones • Oct. 10, 2023

CISA pivots focus to China-linked threats against critical infrastructure

The agency now considers China the top nation-state threat, after a heavy emphasis on risks related to the Russia-Ukraine war.

By David Jones • Oct. 5, 2023

Cisco routers abused by China-linked hackers against US, Japan companies

A longstanding group, identified as BlackTech, uses custom malware to evade detection and hack into international subsidiaries of U.S. and Japanese firms.

By David Jones • Sept. 28, 2023

Average insider cyberthreat cost spikes 40% in 4 years

Outsmarting insiders is a “go-to tactic” for many cyberattackers looking to steal credentials and gain access to critical data, the Ponemon Institute found.

By Alexei Alexis • Sept. 22, 2023

AI is entering the enterprise application security tool stack

Reports from Gartner and Rackspace show a broad enterprise appetite to weave AI into the tool stack, especially across application security.

By Naomi Eide • Sept. 20, 2023

FBI director urges private sector to work with the agency on cyber threats

Christopher Wray told attendees at Mandiant’s mWISE 2023 private sector assistance contributed to the success of several recent operations.

By David Jones • Sept. 19, 2023

Security has an underlying defect: passwords and authentication

Cyberattacks are fueled by the shortcomings of business authentication controls. Bad things happen when access falls apart and credentials land in the wrong hands.

By Matt Kapko • Sept. 18, 2023

Generative AI, contactless tech make hotels vulnerable to cyberattacks

Guest and worker turnover, as well as new technology adoption, make the hospitality industry an appealing target for cybercriminals, according to Trustwave SpiderLabs.

By Noelle Mateer • Sept. 8, 2023

Ransoming Linux and ESXi systems is getting easier

Threat actors are using memory-safe languages to release payloads for Windows, Linux and ESXi simultaneously, SentinelOne researchers warn.

By Matt Kapko • Aug. 24, 2023

Barracuda ESG zero-day exploit still under way after patches fail

The FBI said users need to isolate and replace affected appliances as threat actors continue to target the remote command injection vulnerability.

By David Jones • Aug. 24, 2023

Hackers target Pentagon contract site via compromised routers

Research from Black Lotus Labs says the new activity aligns with recent state-linked campaigns, including Volt Typhoon.

By David Jones • Aug. 23, 2023

How disjoined threat intelligence limits companies — and what to do about it

There’s no shortage of research on attackers, but for many CISOs, turning those insights into action is a difficult endeavor.

By Matt Kapko • Aug. 15, 2023

Valid account credentials are behind most cyber intrusions, CISA finds

The success rate of these techniques underscores the staying power of the most common methods threat actors use to gain initial access to targeted systems.

By Matt Kapko • July 28, 2023

TSA revises security directives for oil and gas pipelines to test resilience

The updated requirements come amid heightened threats and security incidents, including the recent attack against Suncor Energy in Canada.

By David Jones • July 27, 2023

Microsoft attackers may have data access beyond Outlook, researchers warn

Microsoft is pushing back on claims by Wiz that compromised private encryption keys may have exposed SharePoint, Teams and OneDrive data to an APT actor.

By David Jones • July 21, 2023

DDoS attacks, growing more sophisticated, surged in Q2

One of the more serious incidents used a Mirai-variant botnet to unleash an ACK flood DDoS attack that peaked at 1.4 terabits per second, Cloudflare found.

By David Jones • July 19, 2023

Microsoft offers free security logs amid backlash from State Department hack

Federal officials and rivals blasted the company for charging customers for additional security features.

By David Jones • July 19, 2023

White House unveils consumer labeling program to strengthen IoT security

The voluntary program is designed to protect millions of consumers and remote workers amid increased threat activity against smart home and IoT devices.

By David Jones • July 18, 2023

Rockwell Automation, Honeywell warned of critical vulnerabilities in industrial products

Authorities and researchers warn that attackers could exploit the vulnerabilities for remote takeover and potentially destructive activity.

By David Jones • July 14, 2023

Microsoft warns China-linked APT actor hacked US agency, other email accounts

U.S. officials alerted Microsoft about what emerged as a targeted, monthlong hacking campaign.

By David Jones • July 12, 2023

RomCom uses Word documents in new phishing campaign, Microsoft warns

The hackers are known to use trojanized versions of legitimate software from Adobe, SolarWinds, KeePass and others.

By David Jones • July 12, 2023

JumpCloud abruptly initiates mass API key reset

The company did not specify the nature of the incident, but the sudden decision to reset all API keys could indicate something is amiss, one expert said.

By Matt Kapko • July 10, 2023