CISA’s 1,200 pre-ransomware alerts saved organizations millions in damages

The federal agency’s early warning system notified organizations across multiple critical infrastructure sectors of potential impending attacks.

By Matt Kapko • Jan. 19, 2024

Ivanti Connect Secure devices face active exploitation, patch schedule staggered

Unauthenticated attackers can take control of systems by exploiting the zero days, which a suspected state-linked threat actor is chaining together. 

By David Jones • Jan. 11, 2024

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

5 cybersecurity trends to watch in 2024

Preventative measures remain woefully unmet, the scourge of ransomware is as bad as its ever been, and a wave of new incident reporting and compliance regulations are taking hold. Buckle up, 2024 is here.

By David Jones , Matt Kapko • Jan. 10, 2024

How to ensure data privacy in a ChatGPT world

CISOs and CIOs have to balance the need to restrict sensitive data from generative AI tools with the need for businesses to use these tools to improve processes and increase productivity. 

By Sue Poremba • Jan. 9, 2024

DDoS attack traffic surged in 2023, Cloudflare finds

Elevated malicious DDoS activity coincided with mass exploits of the novel zero-day vulnerability HTTP/2 Rapid Reset, which threat actors used to launch DDoS attacks last year.

By Matt Kapko • Jan. 9, 2024

Fleeting fake delivery phishing campaign targets last-minute shoppers

Text messages disguised as urgent or failed delivery notifications can create tension between impersonated delivery service companies and legitimate customers.

By Matt Kapko • Dec. 22, 2023

Water utility cyberattacks underscore ongoing threat to OT

U.S. officials urged water utilities and industrial sites to employ basic configuration safeguards like securing internet-facing devices and changing default passwords following a series of attacks.

By David Jones • Dec. 5, 2023

Authorities raise alarm on threats against water, other critical sectors

An ongoing cyber campaign against Unitronics PLC devices has impacted multiple U.S. water facilities, but authorities are also monitoring energy, healthcare, and food and beverage manufacturing.

By David Jones • Dec. 4, 2023

For financial services firms, a pattern of malicious cyber activity is emerging

The suspected ransomware attack against Fidelity National Financial marks the latest in a series of incidents, leading regulators to take additional enforcement actions.

By David Jones • Nov. 29, 2023

CitrixBleed worries mount as nation state, criminal groups launch exploits

LockBit 3.0 affiliates targeted a unit of Boeing and federal authorities have alerted almost 300 organizations they are vulnerable to attack.

By David Jones • Nov. 22, 2023

Retailers brace for cyberthreat feast ahead of Thanksgiving shopping weekend

A rise in social engineering and generative AI pose increased risks as phishing attacks and ransomware gain speed and grow more sophisticated.

By David Jones • Nov. 21, 2023

Companies are getting smarter about cyber incidents

Although incidents are up and risks are expanding, businesses are better prepared to send threat actors away empty-handed, a specialist says.

By Robert Freedman • Nov. 21, 2023

SMBs hit by rise in legitimate tool-based attacks

Attackers are moving away from malware and evading detection by abusing remote monitoring and management software, according to Huntress research.

By Matt Kapko • Nov. 21, 2023

Dragos again targeted by ransomware group, this time from AlphV

The industrial cybersecurity specialist previously thwarted a shakedown attempt in May and says the current threat has not been substantiated.

By David Jones • Nov. 13, 2023

MGM Resorts anticipates no further disruptions from September cyberattack

The company expects insurance to cover more than $100 million in losses stemming from lost bookings and disruptions at its Las Vegas properties.

By David Jones • Nov. 9, 2023

Ransomware targeting casinos is on the rise, FBI warns

Threat actors have used phishing attacks and exploited vulnerabilities in third-party vendor remote access tools to target the casino gaming industry.

By Matt Kapko • Nov. 9, 2023

Caesars shakes off cyberattack with strong Q3 Las Vegas demand

The casino operator, however, faces extensive litigation and government inquiries following theft of its customer rewards database.

By David Jones • Nov. 1, 2023

Cisco releases security fix for widely-exploited IOS XE software vulnerability

An unidentified threat actor is linked to attacks dating back to mid-September, resulting in about 42,000 exploited devices.

By David Jones • Updated Oct. 23, 2023

SMBs seek cyber training, support as attack risk surges

A report from Sage indicates SMBs face considerable obstacles to preventing cyberattacks when compared to larger, higher resourced enterprises.

By David Jones • Oct. 16, 2023

CISA urges security upgrades as DDoS continues to target Rapid Reset zero day

Microsoft released guidance on mitigation steps, while F5 warned about denial of service attack risk against Nginx Open Source.

By David Jones • Oct. 11, 2023

Cloud giants sound alarm on record-breaking DDoS attacks

Google, AWS and Cloudflare warned the HTTP/2 Rapid Reset attacks are beyond anything ever recorded. 

By David Jones • Oct. 10, 2023

CISA pivots focus to China-linked threats against critical infrastructure

The agency now considers China the top nation-state threat, after a heavy emphasis on risks related to the Russia-Ukraine war.

By David Jones • Oct. 5, 2023

Cisco routers abused by China-linked hackers against US, Japan companies

A longstanding group, identified as BlackTech, uses custom malware to evade detection and hack into international subsidiaries of U.S. and Japanese firms.

By David Jones • Sept. 28, 2023

Average insider cyberthreat cost spikes 40% in 4 years

Outsmarting insiders is a “go-to tactic” for many cyberattackers looking to steal credentials and gain access to critical data, the Ponemon Institute found.

By Alexei Alexis • Sept. 22, 2023

AI is entering the enterprise application security tool stack

Reports from Gartner and Rackspace show a broad enterprise appetite to weave AI into the tool stack, especially across application security.

By Naomi Eide • Sept. 20, 2023