The Latest
-
sgoodwin4813 via Getty Images
Rhode Island officials warn residents as ransomware group threatens social services data leak
The personal data of hundreds of thousands of vulnerable residents is at risk after a threat group attacked a state social services database.
-
Adam Gray via Getty Images
CISA orders federal agencies to meet security baselines in Microsoft 365
The mandate to secure cloud environments is responsive to recent cybersecurity incidents, but not one specific threat, agency officials said.
Updated Dec. 18, 2024 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA’s pre-ransomware alerts nearly doubled in 2024
The federal agency’s efforts to improve defenses surged in fiscal year 2024. Yet, attacks continue to climb.
-
Joe Cicak via Getty Images
Pennsylvania representative pitches bill to double cyber assistance for local water systems
The proposed legislation comes amid a surge in ransomware and state-linked attacks against U.S. water utilities.
-
Techa Tungateja via Getty Images
Cleo releases CVE for actively exploited flaw in file-transfer software
Researchers confirmed a new zero-day vulnerability is separate from a flaw originally disclosed in October. A notorious ransomware group linked itself to the attacks.
-
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA, ONCD propose updated National Cyber Incident Response Plan
The updated framework is designed to bolster the government’s partnership with private-sector organizations in the wake of an attack.
-
gorodenkoff via Getty Images
Security community raises concern as Cleo file-transfer CVE delayed
After the company urged users to patch a critical flaw, researchers are asking about the lack of a CVE and additional guidance.
-
Drew Angerer/Getty Images via Getty Images
Sen. Wyden wants FCC to tighten security rules on telecom companies
The U.S. senator from Oregon wants the agency to strengthen rules requiring network operators to defend their systems and customers against intrusions.
-
Adam Gray / Stringer via Getty Images
Executives see another CrowdStrike-level IT outage on the horizon
IT and business leaders admit to prioritizing security at the expense of service disruption readiness, a PagerDuty report found.
-
iStock / Getty Images Plus via Getty Images
Cleo releases new patch as threat groups ramp up exploitation of critical CVE
Researchers warned that companies primarily in the trucking, food, retail and shipping industries were under attack.
-
Permission granted by Grubhub/Starbucks
Blue Yonder helps restore operations for majority of impacted customers
Starbucks regained access to its employee scheduling platform, while authorities continue to probe claims by a threat group.
-
gorodenkoff via Getty Images
Critical flaw in Cleo file-transfer software is under mass exploitation
The company is working on a new patch and CVE as an existing patch for a previously disclosed vulnerability is not providing adequate protection.
Updated Dec. 11, 2024 -
Brandon Bell via Getty Images
Krispy Kreme online ordering disrupted by cyberattack
Following an attack on a portion of its IT systems, the chain said it was working to restore online ordering. In-store operations were not impacted.
-
Photo illustration: Industry Dive; US Securities and Exchange Commission
SEC cyber incident reporting rule generates 71 filings in 11 months
Most companies that disclosed cyber incidents to the agency did not describe materiality or other useful information, a BreachRx report found.
-
Permission granted by Snowflake
Snowflake to phase out single-factor authentication by late 2025
The security policy change starts one year after a wave of attacks targeted more than 100 Snowflake customer environments without MFA.
-
Sara Samora/Cybersecurity Dive
US subsidiary of global water treatment firm probes November cyberattack after data encrypted
Kurita America, a subsidiary of a Tokyo-based company, is the latest in a string of companies tied to the water industry targeted by hackers.
-
iStock / Getty Images Plus via Getty Images
Credit risk rising as attackers strike larger companies: Moody’s
Cybercriminals are deploying generative AI tools in their efforts at ransomware and fraud, Moody’s Ratings said.
-
Kevin Dietsch / Getty Images via Getty Images
Trump’s pick to run FCC deeply concerned about Salt Typhoon
The recently uncovered swarm of attacks on U.S. telecom companies, part of a China-sponsored campaign, made FCC Commissioner Brendan Carr want to smash his phone, he said.
-
Getty Images via Getty Images
Blue Yonder investigating data leak claim following ransomware attack
The software supply chain company is widening its investigation after Termite ransomware leaked data it claims is linked to the attack.
-
Chip Somodevilla/Getty Images via Getty Images
FCC proposes stronger telecom cyber rules as Salt Typhoon fallout continues
The agency’s proposed rule changes come two months after a China-government sponsored espionage campaign first came to light.
-
Christopher Furlong via Getty Images
Morrisons recovers warehouse systems following attack on Blue Yonder
The U.K. supermarket chain was one of several high-profile customers impacted by a ransomware attack against the supply chain management software provider.
-
Adam Gray / Stringer via Getty Images
For IT pros, the CrowdStrike crisis was a ‘call to arms’
The global outage triggered investments in people, processes and technologies to beef up enterprise resilience, Adaptavist research found.
-
Anna Moneymaker/Getty Images via Getty Images
Q&AT-Mobile undeterred as telecom sector reels from attack campaign
Cybersecurity Dive spoke with CSO Jeff Simon about how the carrier says it thwarted a threat group resembling Salt Typhoon despite its past security failures.
-
Drew Angerer via Getty Images
At least 8 US companies hit in telecom attack spree, officials say
A deputy national security advisor warned that the China-affiliated Salt Typhoon attack spree potentially infiltrated more telecom companies and the threat group still has network access.
-
Jinli Guo/Getty Images via Getty Images
Feds raise alarm on China-linked infiltration of telecom networks
Salt Typhoon gained access to many telecom networks and stole large amounts of data, including audio and text of targeted people involved in government or politics.
