Cyberattacks: Page 32
-
Samoilov, Yuri, yuri.samoilov.online/. (2014). "System Lock" [Photograph]. Retrieved from Flickr.
Hackers accessed cloud services using phishing, 'pass-the-cookie' attacks, CISA says
In one case, the agency found threat actors accessed a user's account "with proper multi-factor authentication," circumventing the favored security method.
By Samantha Schwartz • Jan. 14, 2021 -
Traitov/iStock/Getty via Getty Images
SolarWinds initially hacked in September 2019, 3rd malware found
In a new timeline, SolarWinds said hackers likely began testing the malicious code months before the backdoor was deployed.
By Samantha Schwartz • Jan. 12, 2021 -
Explore the Trendlineā
BNMK0819 via Getty Images
TrendlineTop 5 stories from Cybersecurity Dive
A wave of rules, regulations and federal action is putting pressure on businesses to shore up security amid a backdrop of emboldened threat actors has a nice ring to it.
By Cybersecurity Dive staff -
Attackers used password spraying, guessing in SolarWinds hack
As experts investigate the damage, the latest CISA update points to a constant in cybersecurity: weak passwords.
By Samantha Schwartz • Jan. 11, 2021 -
Getty
Chris Krebs, Alex Stamos join SolarWinds for hack cleanup
SolarWinds has tapped two high-profile and outspoken security experts to guide its efforts to evolve into a more secure software development company.
By Samantha Schwartz • Jan. 8, 2021 -
Report: Officials investigating possible role of SolarWinds' vendor in compromise
The investigation is centered around whether JetBrains' software development tools are a conduit for compromise. The company has said it is unaware of the investigation.
By Samantha Schwartz • Jan. 7, 2021 -
SolarWinds attack leads to renewed focus on IT relationships with corporate boards
Corporate governance and cybersecurity experts say IT officials need to clearly and regularly communicate potential risks and liabilities ahead of the next crisis.
By David Jones • Jan. 7, 2021 -
Federal task force says Russia likely actor behind SolarWinds attack
As investigations continue, agencies are working to preserve private-sector trust.
By David Jones , Samantha Schwartz • Jan. 5, 2021 -
Samantha Liss, Healthcare Dive
Healthcare cyberattacks spiked 45% since November, report finds
While most ransomware has a broad sector target, Check Point found Ryuk is tailored toward targets in the healthcare industry.
By Samantha Schwartz • Jan. 5, 2021 -
Fast-growing gaming industry faces rising threat of account compromise
A report from KELA shows one million compromised accounts and thousands of leaked employee credentials in underground markets.
By David Jones • Jan. 5, 2021 -
Full impact of SolarWinds attack begins to emerge across tech sector, federal agencies
Several leading technology companies and other organizations are evaluating the impact of the SolarWinds breach and other recent nation-state attacks.
By David Jones • Dec. 23, 2020 -
Retrieved from Gage Skidmore/Flickr.
Biden says US must treat cyberattacks with same 'seriousness of purpose' as weapons
As the president-elect prepares to take office in January, his administration faces one of the largest hacks on federal agencies.
By Samantha Schwartz • Dec. 23, 2020 -
Traitov/iStock/Getty via Getty Images
SolarWinds breach reminds companies to be proactive in managing trust, disclosure
Legal and forensics experts warn CISOs about supply chain monitoring and transparency amid fallout from historic attack.
By David Jones • Dec. 22, 2020 -
Williams, Antrell. (2015). "New Orleans Skyline" [Photograph]. Retrieved from Flickr.
New Orleans leaders share lessons from 2019 cyberattack
CIO Kimberly LaGrue said early preparations were key to preventing disaster and recovering without paying a ransom to the hackers.
By Chris Teale • Dec. 21, 2020 -
Tracking SolarWinds cyberattack fallout, play-by-play
As more companies are discovering impact from the SolarWinds hack, attention is turning toward far-reaching supply chain vulnerabilities.
By Samantha Schwartz , David Jones , Naomi Eide , Katie Malone • Updated Jan. 4, 2021 -
CISA warns of more backdoors beyond SolarWinds Orion
The extent of compromised data is not disclosed. What is clear? Threat actors relied on the supply chain for widespread access.
By Samantha Schwartz • Dec. 17, 2020 -
Federal agencies fall short on cybersecurity, undermining standards
The SolarWinds hack could change how industry coordinates response to future cyberattacks.
By Samantha Schwartz • Dec. 17, 2020 -
Feds require banks to report cyberattacks within 36 hours
The rule, taking effect May 1, requires bank technology vendors to immediately notify customers if an incident disrupted services four hours or more.
By Dan Ennis • Updated Nov. 19, 2021 -
Getty
FireEye killswitch stops SolarWinds hack
After identifying the supply chain attack against SolarWinds, the security firm partnered with Microsoft and GoDaddy to block malware from further operation.
By David Jones • Dec. 16, 2020 -
Kendall Davis for CIO Dive
Microsoft to begin blocking binaries linked to SolarWinds cyberattack
Microsoft Defender Antivirus will quarantine the trojan before it can begin processing, though the company said "it may not be simple to remove the product from service."
By Samantha Schwartz • Dec. 16, 2020 -
Traitov/iStock/Getty via Getty Images
SolarWinds Orion vulnerability: What security teams need to know
As SolarWinds and investigators seek answers on the extent of the Orion vulnerability's impact, experts say the attack raises broader questions about readiness.
By David Jones • Dec. 15, 2020 -
SolarWinds Orion flaw linked to government cyberattacks
The Cybersecurity and Infrastructure Agency called on all federal civilian agencies to review their networks for evidence of compromise and to disconnect or power off SolarWinds Orion products immediately.
By David Jones • Dec. 14, 2020 -
valentinrussanov via Getty Images
Federal agencies warn of heightened cyberthreats against K-12 schools
Cyberattackers are trying to steal data and disrupt remote learning as COVID-19 continues to impact schools, the FBI, CISA and MS-ISAC said.
By David Jones • Dec. 11, 2020 -
Courtesy of DSW
Vendor ransomware attack disrupts DSW's inventory management
The impact of cyberattacks on retailers and their vendors is even greater during this digital-first period brought on by the coronavirus pandemic.
By Emma Cosgrove • Dec. 10, 2020 -
Courtesy of BioNTech
COVID-19 vaccine data manipulated after leak, EU drug regulator says
The compromised data included vaccine information from the Pfizer and BioNTech COVID-19 vaccine, the regulator said.
By Samantha Schwartz • Updated Jan. 15, 2021 -
Naomi Eide
FireEye cyberattack leaves more questions than answers
If there is a crack in FireEye's defenses, it could allow attacks against companies under its protection, resulting in devastating supply chain attacks, experts say.
By Naomi Eide • Dec. 9, 2020
Previous
