Cyberattacks: Page 2


  • security operations center
    Image attribution tooltip
    iStock/Getty Images Plus via Getty Images
    Image attribution tooltip

    Cyberattacks hit 1 in 3 SMBs last year

    Cyber woes for SMBs are exacerbated by a lack of resources to enact advanced security measures, Microsoft Security said in a report.

    By Nov. 5, 2024
  • A facade of a Schneider Electric building.
    Image attribution tooltip
    Permission granted by Schneider Electric
    Image attribution tooltip

    Schneider Electric investigating cyber intrusion after threat actor gains access to platform

    The French multinational company has been a previous target of ransomware groups.

    By Nov. 5, 2024
  • An abstract photo copy background in black and white. Explore the Trendline
    Image attribution tooltip
    BNMK0819 via Getty Images
    Image attribution tooltip
    Trendline

    Top 5 stories from Cybersecurity Dive

    A wave of rules, regulations and federal action is putting pressure on businesses to shore up security amid a backdrop of emboldened threat actors has a nice ring to it.

    By Cybersecurity Dive staff
  • CISA, cybersecurity, agency
    Image attribution tooltip
    Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
    Image attribution tooltip

    CISA warns of foreign threat group launching spearphishing campaign using malicious RDP files

    Midnight Blizzard has targeted more than 100 organizations across government, IT and academia, in some cases impersonating Microsoft employees.

    By Nov. 1, 2024
  • MoneyGram phone sits on store counter.
    Image attribution tooltip
    Retrieved from Lynne Marek on March 04, 2022
    Image attribution tooltip

    MoneyGram replaces CEO, naming former Walmart executive to the role

    The money transfer company named the new CEO just weeks after a cyberattack led to a systemwide shutdown of its services for several days.

    By Lynne Marek • Oct. 31, 2024
  • Fortinet office in Nepean, Canada.
    Image attribution tooltip
    iStock Editorial / Getty Images Plus via Getty Images
    Image attribution tooltip

    Fortinet finds more malicious IPs linked to widely exploited zero-day

    The cybersecurity vendor said the additional indicators of compromise don’t reflect any major changes. Researchers warn thousands of devices remain exposed.

    By Oct. 31, 2024
  • Fingers hover over a computer keyboard with numbers on a screen, against a shadowy backdrop.
    Image attribution tooltip
    jariyawat thinsandee via Getty Images
    Image attribution tooltip

    Cisco warns actively exploited CVE can lead to DoS attacks against VPN services

    The company warned the threat activity is linked to previously disclosed brute-force attacks beginning in March.

    By Oct. 28, 2024
  • The FBI seal
    Image attribution tooltip
    Chip Somodevilla via Getty Images
    Image attribution tooltip

    Feds probe China-linked attacks on US telecom networks

    The government’s public acknowledgment of the China-linked attacks follows a series of warnings about a broad and successful campaign to hack U.S. critical infrastructure.

    By Oct. 28, 2024
  • Blue padlock made to resemble a circuit board and placed on binary computer code.
    Image attribution tooltip
    matejmo via Getty Images
    Image attribution tooltip

    SonicWall firewalls the common access point in spreading ransomware campaign

    Arctic Wolf Labs researchers said SonicWall firewalls were the initial access point for at least 30 ransomware attacks since August.

    By Oct. 25, 2024
  • UnitedHealth Group office
    Image attribution tooltip
    Courtesy of UnitedHealth Group
    Image attribution tooltip

    Change Healthcare data breach officially affects 100M people

    The breach is the largest ever reported to a portal managed by federal regulators.

    By Emily Olsen • Oct. 25, 2024
  • Fortinet office in Nepean, Canada.
    Image attribution tooltip
    iStock Editorial / Getty Images Plus via Getty Images
    Image attribution tooltip

    Fortinet zero-day attack spree hits at least 50 customers

    Active exploits of a critical vulnerability in FortiManager began in late June, Mandiant said. Firewall credentials and configuration data have been stolen.

    By Oct. 24, 2024
  • Street view of the Securities and Exchange Commission, SEC, Building in Washington DC.
    Image attribution tooltip
    qingwa via Getty Images
    Image attribution tooltip

    SEC settles charges with 4 firms it says downplayed SolarWinds hack exposure

    The agency alleged Unisys, Avaya, Check Point Software and Mimecast misled investors about the extent of their respective cyber risks.

    By Oct. 22, 2024
  • Data privacy
    Image attribution tooltip
    DKosig via Getty Images
    Image attribution tooltip

    Critical Veeam CVE actively exploited in ransomware attacks

    Multiple ransomware groups targeted the vulnerability, which has a CVSS score of 9.8, more than a month after it was disclosed and patched by the data backup and recovery vendor.

    By Oct. 22, 2024
  • Binary code of ones and zeros
    Image attribution tooltip
    deberrar/Getty Images via Getty Images
    Image attribution tooltip

    Zero-day exploits swelled in 2023: Mandiant

    Of the 138 actively exploited vulnerabilities disclosed in 2023 and later analyzed by the threat intelligence firm, 97 were exploited as zero-days.

    By Oct. 18, 2024
  • The FBI seal
    Image attribution tooltip
    Chip Somodevilla via Getty Images
    Image attribution tooltip

    US disables Anonymous Sudan infrastructure linked to DDoS attack spree

    Authorities unsealed charges alleging two Sudanese nationals ran the hacktivist group, linked to major attacks against Microsoft and others.

    By Oct. 17, 2024
  • Hand grabbing password out of blurred code.
    Image attribution tooltip
    LuisPortugal/Getty Images Plus via Getty Images
    Image attribution tooltip

    Iran-linked attackers hit critical infrastructure with brute force

    CISA and the FBI warn healthcare, government, IT and other sectors of password spraying and multifactor authentication push bombing.

    By Oct. 17, 2024
  • A lit Microsoft log seen above a group of people in shadow.
    Image attribution tooltip
    Jeenah Moon via Getty Images
    Image attribution tooltip

    Microsoft reveals ransomware attacks against its customers nearly tripled last year

    Despite the increase, the percentage of cyberattacks reaching the encryption stage continued to decline, according to a Microsoft study.

    By Oct. 16, 2024
  • Capitol Hill lit up at night
    Image attribution tooltip
    Win McNamee via Getty Images
    Image attribution tooltip

    Lawmakers seek insight into China-linked attacks on telecom networks

    Members of congress want to know when and how AT&T, Lumen and Verizon learned of the intrusions and what data the threat group accessed.

    By Oct. 15, 2024
  • Clorox disinfecting wipes are seen displayed for sale at a Walmart Supercenter on September 18, 2023 in Austin, Texas.
    Image attribution tooltip
    Brandon Bell via Getty Images
    Image attribution tooltip

    Clorox says 2023 cyberattack hurt progress on 2030 plastic, waste reduction goals

    The company is reassessing some sustainability goals, according to its latest annual report. Data shows the company stagnated on lowering virgin material and upping PCR in packaging.

    By Maria Rachal • Oct. 14, 2024
  • A black U.S. Environmental Protection Agency sign on a tan building and placed next to glass double-doors.
    Image attribution tooltip
    Sara Samora/Cybersecurity Dive
    Image attribution tooltip

    American Water Works reconnecting systems a week after cyberattack

    The water utility said there is no evidence of damage to its facilities, but law enforcement and forensic experts are still investigating. 

    By Oct. 11, 2024
  • Building Exterior with Marriott sign
    Image attribution tooltip
    Justin Sullivan via Getty Images
    Image attribution tooltip

    FTC settles yearslong investigation into Marriott’s ‘security failures’

    The settlement caps a pattern of major data breaches at Marriott and its subsidiary Starwood Hotels and Resorts Worldwide over the last decade.

    By Oct. 10, 2024
  • Rendering of digital data code in safety security technology concept.
    Image attribution tooltip
    iStock/Getty Images Plus via Getty Images
    Image attribution tooltip

    Trio of Ivanti CSA zero-day vulnerabilities under exploit threat

    The latest round of exploitation follows more than three weeks of CVE disclosures involving various Ivanti products. 

    By Oct. 9, 2024
  • Money moving through cyberspace.
    Image attribution tooltip
    Viorika via Getty Images
    Image attribution tooltip

    MoneyGram attack exposed a trove of sensitive customer data

    The attack led to a days-long outage in September. The money transfer firm hasn’t described the nature of the incident or said how many people are impacted.

    By Oct. 9, 2024
  • ADT sign outside of a private home
    Image attribution tooltip
    Joe Raedle via Getty Images
    Image attribution tooltip

    ADT employee account data stolen in cyberattack

    The alarm system company said an attacker accessed its network with compromised credentials obtained from an unnamed third party.

    By Oct. 8, 2024
  • A facade of the U.S. Environmental Protection Agency signage on the wall of its building
    Image attribution tooltip
    Joe Cicak via Getty Images
    Image attribution tooltip

    American Water Works investigates unauthorized cyber intrusion

    The New Jersey-based utility said none of its water or wastewater operations were impacted by the hack.

    By Oct. 7, 2024
  • Cyberhackers-Ransomware
    Image attribution tooltip
    (Gorodenkoff) via Getty Images
    Image attribution tooltip

    Ivanti up against another attack spree as hackers target its endpoint manager

    Ivanti customers are facing a new series of exploitation attempts after the company pledged in April to launch a comprehensive overhaul of its internal security practices.

    By Oct. 3, 2024