Data privacy concerns swirl around generative AI adoption

IT and business professionals fear the technology's adoption can lead to data leakage, according to a Deloitte report.

By Roberto Torres • Sept. 25, 2024

Dark web exposure is ‘highly correlated’ with cyberattack risk

Organizations that are mentioned in dark web market listings are more than twice as likely to experience an attack, Marsh McLennan found.

By Alexei Alexis • Sept. 24, 2024

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

Cybersecurity firm flags attack on construction accounting system

Users of Foundation Software, which serves 43,000 construction pros, may be at risk of intrusion if they still use default credentials, according to cybersecurity firm Huntress.

By Matthew Thibault • Sept. 20, 2024

Port of Seattle official flags a cyber dilemma, ‘one-way street’ with federal agencies

A ransomware atttack disrupted the Seattle-Tacoma International Airport for weeks. Part of the problem, one official said, is that federal cyber recommendations are not timely.

By Matt Kapko • Sept. 19, 2024

Open source maintainers, under security pressure, remain largely unpaid after XZ Utils

A report by Tidelift shows an equity gap remains between open source developers and well-resourced software users who are pushing for higher security standards.

By David Jones • Sept. 17, 2024

Valid accounts remain top access point for critical infrastructure attacks, officials say

CISA attributed 2 in 5 successful intrusions to valid account abuse last year, but that is down from 2022.

By Matt Kapko • Sept. 17, 2024

Keeping data secure in the age of generative AI

Generative AI is reshaping industries, but with innovation comes new data security challenges. Are your cybersecurity practices keeping up?

By Rob Juncker, CTO of Code42, now part of Mimecast • Sept. 16, 2024

Mastercard’s $2.65B Recorded Future acquisition to buttress its security business

While Mastercard has cybersecurity oversight needs for its cards and payments businesses, it also sells security services to other companies, including banks and fintechs. 

By Lynne Marek • Sept. 13, 2024

Cyber insurance keeps growing, as threats spur competition

Concerns remain about aggregation risk as highlighted by the July outage of Microsoft Windows devices, according to a report from Moody’s Ratings.

By David Jones • Sept. 9, 2024

Deepfake scams escalate, hitting more than half of businesses

The vast majority of corporate finance professionals, 85%, now view such scams as an “existential” threat, a Medius study found.

By Alexei Alexis • Sept. 4, 2024

Prolific RansomHub engaged in attack spree, feds warn

The group has been among the most active threat groups of 2024, and is linked to a tool that can neutralize endpoint security.

By David Jones • Sept. 4, 2024

Microsoft is training developers on the intricacies of threat intelligence

Cybercrime wonk Sherrod DeGrippo is taking Microsoft’s software developers and engineers on a journey into her world, the depths of threat intelligence.

By Matt Kapko • Sept. 4, 2024

Halliburton confirms data stolen in August cyberattack

The company continues to incur expenses related to the attack, but does not expect a material impact. 

By David Jones • Sept. 3, 2024

Iran-linked actors ramping up cyberattacks on US critical infrastructure

Nation-state attacker are exploiting vulnerabilities in products from Check Point Software, Palo Alto Networks and others to attack multiple industries.

By David Jones • Sept. 3, 2024

Volt Typhoon exploiting zero-day in campaign targeting ISPs, MSPs

Researchers from Black Lotus Labs warn the state-linked adversary is exploiting a vulnerability in Versa Director using custom web shells against the telecom sector.

By David Jones • Aug. 28, 2024

Marketing data security threats are rising: Where CMOs see gaps

While marketers prioritize working with data security teams, effective communication remains a struggle, according to research from the CMO Council and KPMG. 

By Peter Adams • Aug. 23, 2024

DDoS attacks surge since late 2023, telecom still in hot seat

The report comes just weeks after a DDoS attack disrupted Microsoft Azure for about eight hours.

By David Jones • Aug. 15, 2024

M&A activity can amplify ransomware insurance losses, research finds

The financial severity of claims related to ransomware attacks increased more than 400% from 2022 to 2023, the study found.

By Alexei Alexis • Aug. 14, 2024

CrowdStrike snafu was a ‘dress rehearsal’ for critical infrastructure disruptions, CISA director says

Despite the disruption, Jen Easterly said the outage was a "useful exercise" to determine the resiliency of critical infrastructure organizations.

By Matt Kapko • Aug. 8, 2024

Federal watchdog urges EPA to develop comprehensive cyber strategy to protect water systems

The report comes amid a rise in malicious cyberthreats from state-linked and criminal hackers targeting U.S. drinking water and water treatment facilities.

By David Jones • Aug. 6, 2024

Water systems under siege: How CISOs can protect critical infrastructure from cyberthreats

As regulatory oversight evolves, most CISOs are focused on modernizing and improving OT cybersecurity.

July 29, 2024

Dragos warns of novel malware targeting industrial control systems

FrostyGoop, the ninth ICS-specific malware observed by Dragos, was linked to a January attack on an energy provider in Ukraine.

By David Jones • July 23, 2024

CrowdStrike, Microsoft scramble to contain fallout from global IT outage

Cybersecurity and IT experts said users are having major difficulties in recovery efforts, despite workarounds and guidance the vendors released.

By David Jones • July 22, 2024

76% of SaaS companies use ‘dark patterns,’ analysis finds

With federal regulators and states clamping down on the practice, companies might take a hard look at how they’re presenting information on their websites and in their apps.

By Robert Freedman • July 11, 2024

Risk escalates as communication channels proliferate

The chance of losing data to a breach rises in tandem with the number of channels — like email and file sharing — that an organization uses.

By Robert Freedman • July 10, 2024