Cyberattacks


  • Anne Neuberger, deputy national security advisor for cyber and emerging technology, speaks at the White House.
    Image attribution tooltip
    Drew Angerer via Getty Images
    Image attribution tooltip

    At least 8 US companies hit in telecom attack spree, officials say

    A deputy national security advisor warned that the China-affiliated Salt Typhoon attack spree potentially infiltrated more telecom companies and the threat group still has network access.

    By Dec. 4, 2024
  • An illustration of a large dollar coin with medical supplies flying in the foreground is positioned on an analysis tracking chart background.
    Image attribution tooltip

    Illustration: Xavier Lalanne-Tauzia for Industry Dive

    Image attribution tooltip

    Ascension reduces operating loss as it rebounds from cyberattack

    A sweeping cyberattack this spring took the provider’s electronic health record offline for weeks and led to significant losses.

    By Susanna Vogel • Dec. 4, 2024
  • An abstract photo copy background in black and white. Explore the Trendline
    Image attribution tooltip
    BNMK0819 via Getty Images
    Image attribution tooltip
    Trendline

    Top 5 stories from Cybersecurity Dive

    A wave of rules, regulations and federal action is putting pressure on businesses to shore up security amid a backdrop of emboldened threat actors has a nice ring to it.

    By Cybersecurity Dive staff
  • Engineer repairs 5G cell tower.
    Image attribution tooltip
    Jinli Guo/Getty Images via Getty Images
    Image attribution tooltip

    Feds raise alarm on China-linked infiltration of telecom networks

    Salt Typhoon gained access to many telecom networks and stole large amounts of data, including audio and text of targeted people involved in government or politics.

    By Dec. 4, 2024
  • Abstract black and white monochrome art with surreal funnel.
    Image attribution tooltip
    Philipp Tur/Getty Images Plus via Getty Images
    Image attribution tooltip

    ENGlobal IT systems impacted by ransomware attack

    The attack marks at least the third disruptive cyberattack impacting energy sector providers based in Texas since August.

    By Dec. 3, 2024
  • Shoppers buy groceries at Morrison's in 2020 during the Covid-19 lockdown.
    Image attribution tooltip
    Hollie Adams via Getty Images
    Image attribution tooltip

    Blue Yonder moves closer to full recovery after November ransomware attack

    U.K. supermarket chain Morrisons says its operations are mostly restored, while Blue Yonder is working with other customers to recover operations.

    By Dec. 2, 2024
  • New York Attorney General Letitia James attends a press conference on July 31, 2023, in New York City.
    Image attribution tooltip
    Michael M. Santiago / Staff via Getty Images
    Image attribution tooltip

    New York fines Geico, Travelers $11.3M for pandemic-era breaches

    The auto insurance companies were penalized for a series of attacks that exposed the personal data of 120,000 people in late 2020 and early 2021.

    By Nov. 26, 2024
  • A Starbucks worker holds a beverage.
    Image attribution tooltip
    Courtesy of Starbucks
    Image attribution tooltip

    Starbucks confirms Blue Yonder attack impacted employee scheduling platform

    The company is reverting to manual operations to make sure workers are paid on time, a spokesperson said. 

    By Nov. 26, 2024
  • Las Vegas Boulevard aerial view
    Image attribution tooltip
    Robert Mora / Staff via Getty Images
    Image attribution tooltip

    Gambling tech vendor’s IT systems impacted by cyberattack

    International Game Technology, which makes slot machines and other gambling technology, said it took systems offline following a Nov. 17 cyberattack.

    By Nov. 25, 2024
  • A worker scans produce at a Morrisons supermarket in 2017. The supermarket chain was impacted by a cyberattack against Blue Yonder in November 2024.
    Image attribution tooltip
    Christopher Furlong via Getty Images
    Image attribution tooltip

    Ransomware hits supply chain software firm Blue Yonder ahead of Thanksgiving

    The attack against Blue Yonder led to issues for Morrisons, a U.K.-based grocery chain, in its warehouse management system for fresh food and produce.

    By Nov. 25, 2024
  • Programming scripts on laptop monitor, unauthorized remote hacking of server
    Image attribution tooltip
    Motortion via Getty Images
    Image attribution tooltip

    Palo Alto Networks pushes back as Shadowserver spots 2K of its firewalls exploited

    The security vendor maintains only a limited number of customers’ firewalls have been exploited by a zero-day it patched earlier this week.

    By Nov. 22, 2024
  • Hand grabbing password out of blurred code.
    Image attribution tooltip
    LuisPortugal/Getty Images Plus via Getty Images
    Image attribution tooltip

    Attackers wield password-spray attacks to zero-in on targets, research finds

    The highly effective brute-force attack method requires little effort, Trellix said. Organizations with weak password policies or no MFA are especially at risk.

    By Nov. 20, 2024
  • Matrix background of blurred programming code.
    Image attribution tooltip
    Getty Plus via Getty Images
    Image attribution tooltip

    Palo Alto Networks customers grapple with another actively exploited zero-day

    The security vendor warned of an unconfirmed vulnerability in PAN-OS earlier this month. A CVE entry and patch came 10 days later.

    By Nov. 19, 2024
  • Abstract black and white monochrome art with surreal funnel.
    Image attribution tooltip
    Philipp Tur/Getty Images Plus via Getty Images
    Image attribution tooltip

    AI training vendor iLearningEngines discloses cyberattack in wake of SEC probe

    The company said an attacker stole data, misdirected a $250,000 wire payment and deleted emails.

    By Nov. 19, 2024
  • Palo Alto Networks
    Image attribution tooltip
    Matt Kapko/Cybersecurity Dive
    Image attribution tooltip

    Palo Alto Networks’ customer migration tool hit by trio of CVE exploits

    CISA warned of two critical and actively exploited vulnerabilities in Expedition one week after another CVE came under active exploitation in the same product.

    By Nov. 15, 2024
  • Telecom network above a city
    Image attribution tooltip
    NicoElNino via Getty Images
    Image attribution tooltip

    Feds find ‘broad and significant’ China espionage campaign in US telecom networks

    The FBI and CISA warned the nation-state affiliated malicious activities are extensive and include the theft of sensitive call records and court-ordered information.

    By Nov. 14, 2024
  • A Cargill sign is seen at the entrance of a parking lot where cars sit.
    Image attribution tooltip
    Spencer Tirey via Getty Images
    Image attribution tooltip

    5th Circuit dismisses Cargill employee’s Kronos hack, discrimination claims

    The decision is also a victory for UKG, whom the employee sued separately for privacy violation allegations stemming from a 2021 ransomware attack.

    By Ryan Golden • Nov. 14, 2024
  • cybersecurity, matrix, abstract
    Image attribution tooltip
    iStock / Getty Images Plus via Getty Images
    Image attribution tooltip

    Zero-days from top security vendors were most exploited CVEs in 2023

    The top five vulnerabilities exploited by attackers last year were found in security gear from Citrix, Cisco and Fortinet, the Five Eyes’ cyber agencies found.

    By Nov. 13, 2024
  • A closeup shot of long colorful lines of code on a computer screen.
    Image attribution tooltip
    Wirestock via Getty Images
    Image attribution tooltip

    Critical Veeam CVE targeted by new ransomware variant

    Multiple ransomware variants are now targeting the CVE, which has a CVSS of 9.8. For customers, the risk of exploitation is only increasing.

    By Nov. 12, 2024
  • A screenshot of a website outage.
    Image attribution tooltip
    Retrieved from Hannaford on November 11, 2024
    Image attribution tooltip

    Grocery giant Ahold Delhaize’s US operations disrupted by cyberattack

    The parent company said the disruption forced it to take certain systems offline and affected some pharmacies and e-commerce services.

    By Catherine Douglas Moran , Sam Silverstein • Nov. 11, 2024
  • Pumpjack (oil derrick) and refinery plant in West Texas.
    Image attribution tooltip
    dszc via Getty Images
    Image attribution tooltip

    Newpark Resources discloses October ransomware attack

    The incident occurred just two months after an attack against oilfield services giant Halliburton.

    By Nov. 11, 2024
  • Halliburton offices in Houston, Texas. The company is recovering from a an August cyberattack that temporarily disrupted certain operations.
    Image attribution tooltip
    Brandon Bell via Getty Images
    Image attribution tooltip

    Halliburton incurs about $35M in expenses related to August cyberattack

    The company said the intrusion forced it to delay billing and collections, but the impact is not considered material.

    By Nov. 8, 2024
  • Palo Alto Networks
    Image attribution tooltip
    Matt Kapko/Cybersecurity Dive
    Image attribution tooltip

    Attackers target Palo Alto Networks’ customer migration tool

    An actively exploited vulnerability in Expedition allows attackers to achieve admin account takeover. The product reaches end of life in January.

    By Nov. 8, 2024
  • a close up of a computer chip implanted on a silicon board
    Image attribution tooltip
    SweetBunFactory via Getty Images
    Image attribution tooltip

    Microchip Technology reports $21.4M expense from August cyberattack

    The chipmaker said the financial impact from the attack was immaterial and largely linked to unscheduled factory outages.

    By Nov. 7, 2024
  • A daytime shot of Columbus, Ohio, with a bridge, river and green space in the foreground. Tall buildings dot the background.
    Image attribution tooltip
    Sean Reid via Getty Images
    Image attribution tooltip

    Columbus, Ohio confirms July ransomware attack compromised data of 500K people

    The city notified half a million people their personal information was at risk following the attack it attributed to a foreign threat actor.

    By Nov. 6, 2024
  • security operations center
    Image attribution tooltip
    iStock/Getty Images Plus via Getty Images
    Image attribution tooltip

    Cyberattacks hit 1 in 3 SMBs last year

    Cyber woes for SMBs are exacerbated by a lack of resources to enact advanced security measures, Microsoft Security said in a report.

    By Nov. 5, 2024