Cyberattacks: Page 2
-
Cyberattacks hit 1 in 3 SMBs last year
Cyber woes for SMBs are exacerbated by a lack of resources to enact advanced security measures, Microsoft Security said in a report.
By Matt Kapko • Nov. 5, 2024 -
Schneider Electric investigating cyber intrusion after threat actor gains access to platform
The French multinational company has been a previous target of ransomware groups.
By David Jones • Nov. 5, 2024 -
Trendline
Top 5 stories from Cybersecurity Dive
A wave of rules, regulations and federal action is putting pressure on businesses to shore up security amid a backdrop of emboldened threat actors has a nice ring to it.
By Cybersecurity Dive staff -
CISA warns of foreign threat group launching spearphishing campaign using malicious RDP files
Midnight Blizzard has targeted more than 100 organizations across government, IT and academia, in some cases impersonating Microsoft employees.
By David Jones • Nov. 1, 2024 -
MoneyGram replaces CEO, naming former Walmart executive to the role
The money transfer company named the new CEO just weeks after a cyberattack led to a systemwide shutdown of its services for several days.
By Lynne Marek • Oct. 31, 2024 -
Fortinet finds more malicious IPs linked to widely exploited zero-day
The cybersecurity vendor said the additional indicators of compromise don’t reflect any major changes. Researchers warn thousands of devices remain exposed.
By Matt Kapko • Oct. 31, 2024 -
Cisco warns actively exploited CVE can lead to DoS attacks against VPN services
The company warned the threat activity is linked to previously disclosed brute-force attacks beginning in March.
By David Jones • Oct. 28, 2024 -
Feds probe China-linked attacks on US telecom networks
The government’s public acknowledgment of the China-linked attacks follows a series of warnings about a broad and successful campaign to hack U.S. critical infrastructure.
By Matt Kapko • Oct. 28, 2024 -
SonicWall firewalls the common access point in spreading ransomware campaign
Arctic Wolf Labs researchers said SonicWall firewalls were the initial access point for at least 30 ransomware attacks since August.
By Matt Kapko • Oct. 25, 2024 -
Change Healthcare data breach officially affects 100M people
The breach is the largest ever reported to a portal managed by federal regulators.
By Emily Olsen • Oct. 25, 2024 -
Fortinet zero-day attack spree hits at least 50 customers
Active exploits of a critical vulnerability in FortiManager began in late June, Mandiant said. Firewall credentials and configuration data have been stolen.
By Matt Kapko • Oct. 24, 2024 -
SEC settles charges with 4 firms it says downplayed SolarWinds hack exposure
The agency alleged Unisys, Avaya, Check Point Software and Mimecast misled investors about the extent of their respective cyber risks.
By David Jones • Oct. 22, 2024 -
Critical Veeam CVE actively exploited in ransomware attacks
Multiple ransomware groups targeted the vulnerability, which has a CVSS score of 9.8, more than a month after it was disclosed and patched by the data backup and recovery vendor.
By Matt Kapko • Oct. 22, 2024 -
Zero-day exploits swelled in 2023: Mandiant
Of the 138 actively exploited vulnerabilities disclosed in 2023 and later analyzed by the threat intelligence firm, 97 were exploited as zero-days.
By Matt Kapko • Oct. 18, 2024 -
US disables Anonymous Sudan infrastructure linked to DDoS attack spree
Authorities unsealed charges alleging two Sudanese nationals ran the hacktivist group, linked to major attacks against Microsoft and others.
By David Jones • Oct. 17, 2024 -
Iran-linked attackers hit critical infrastructure with brute force
CISA and the FBI warn healthcare, government, IT and other sectors of password spraying and multifactor authentication push bombing.
By Matt Kapko • Oct. 17, 2024 -
Microsoft reveals ransomware attacks against its customers nearly tripled last year
Despite the increase, the percentage of cyberattacks reaching the encryption stage continued to decline, according to a Microsoft study.
By Matt Kapko • Oct. 16, 2024 -
Lawmakers seek insight into China-linked attacks on telecom networks
Members of congress want to know when and how AT&T, Lumen and Verizon learned of the intrusions and what data the threat group accessed.
By Matt Kapko • Oct. 15, 2024 -
Clorox says 2023 cyberattack hurt progress on 2030 plastic, waste reduction goals
The company is reassessing some sustainability goals, according to its latest annual report. Data shows the company stagnated on lowering virgin material and upping PCR in packaging.
By Maria Rachal • Oct. 14, 2024 -
American Water Works reconnecting systems a week after cyberattack
The water utility said there is no evidence of damage to its facilities, but law enforcement and forensic experts are still investigating.
By David Jones • Oct. 11, 2024 -
FTC settles yearslong investigation into Marriott’s ‘security failures’
The settlement caps a pattern of major data breaches at Marriott and its subsidiary Starwood Hotels and Resorts Worldwide over the last decade.
By Matt Kapko • Oct. 10, 2024 -
Trio of Ivanti CSA zero-day vulnerabilities under exploit threat
The latest round of exploitation follows more than three weeks of CVE disclosures involving various Ivanti products.
By David Jones • Oct. 9, 2024 -
MoneyGram attack exposed a trove of sensitive customer data
The attack led to a days-long outage in September. The money transfer firm hasn’t described the nature of the incident or said how many people are impacted.
By Matt Kapko • Oct. 9, 2024 -
ADT employee account data stolen in cyberattack
The alarm system company said an attacker accessed its network with compromised credentials obtained from an unnamed third party.
By Matt Kapko • Oct. 8, 2024 -
American Water Works investigates unauthorized cyber intrusion
The New Jersey-based utility said none of its water or wastewater operations were impacted by the hack.
By David Jones • Oct. 7, 2024 -
Ivanti up against another attack spree as hackers target its endpoint manager
Ivanti customers are facing a new series of exploitation attempts after the company pledged in April to launch a comprehensive overhaul of its internal security practices.
By David Jones • Oct. 3, 2024