MFA plays a rising role in major attacks, research finds

Poor configurations and deliberate MFA bypasses were at the center of numerous attacks in recent months, Cisco Talos found.

By David Jones • June 18, 2024

What we know about the Snowflake customer attacks

Analysts and threat hunters warn more companies are confronting significant exposure from the identity-based attacks, and damages are spreading.

By Matt Kapko • June 17, 2024

Explore the Trendline➔

Top 5 stories from Cybersecurity Dive

A wave of rules, regulations and federal action is putting pressure on businesses to shore up security amid a backdrop of emboldened threat actors has a nice ring to it.

By Cybersecurity Dive staff

Ransomware attacks hit manufacturing hard in 2023

The sector was among the top industries to pay ransom demands. The average payment increased 88% to almost $2.4 million last year, Sophos found.

By Matt Kapko • June 14, 2024

Ascension says cyberattack may have compromised protected health data

Hackers gained access to the nonprofit’s systems early last month after a worker accidentally downloaded a malicious file, Ascension said.

By Emily Olsen • June 14, 2024

Los Angeles schools investigating claims of data for sale on dark web

The alleged incident is raising questions as to whether there’s been a more recent data breach in the district since September 2022.

By Anna Merod • June 14, 2024

Snowflake-linked attacks are testing the cloud’s shared responsibility status quo

Assigning responsibility for missing security controls is tricky. The burden is collective but cloud providers need to raise minimum standards, experts say.

By Matt Kapko • June 13, 2024

Pure Storage comes forward as an early victim of Snowflake-linked attacks

The data storage vendor said information exposed by the attack can’t be used to gain access to customer systems.

By Matt Kapko • June 12, 2024

Clorox to restart ERP upgrade as it looks past August cyberattack

With the company out of recovery mode, teams are looking to advance on digital transformation projects. 

By Lindsey Wilkinson • June 11, 2024

100 Snowflake customers attacked, data stolen for extortion

A financially-motivated attacker used stolen credentials to systematically compromise customer accounts, steal a significant volume of data and extort victims, Mandiant said.

By Matt Kapko • June 10, 2024

Frontier Communications says cyberattack snagged data from 751,000 people

The breach notifications come almost two months after the company initially disclosed the April attack.

By David Jones • June 7, 2024

Cyberattacks pose mounting risks to creditworthiness: Moody’s

“As more data becomes available — thanks to recently adopted disclosure requirements — attacks continue to proliferate,” a Moody’s executive said.

By Jim Tyson • June 6, 2024

Pressure mounts on Snowflake and its customers as attacks spread

More businesses are likely impacted by an attacker’s access to multiple Snowflake customer databases.

By Matt Kapko • June 6, 2024

CVE exploits, stolen credentials fueled ransomware surge in 2023

Data leak site posts increased 75% to 4,520 posts in 2023, Mandiant said in a report.

By Matt Kapko • June 4, 2024

Snowflake customers caught in identity-based attack spree

Cyber authorities and researchers warn many major companies could be compromised by the targeted attacks against Snowflake customer environments.

By Matt Kapko • June 3, 2024

Live Nation confirms jumbo breach, Ticketmaster customer data exposed

The live concert and entertainment giant disclosed the compromise days after reports began surfacing of a data breach. The company said it detected the intrusion on May 20.

By Matt Kapko • June 3, 2024

Securing your call centers: Best practices for cybersecurity protection

All call centers face cybersecurity threats because they handle information like credit card numbers, health records, and personal purchase history. However, call centers that support federal agencies have the added risk of handling highly sensitive information, making them prime targets for cybercriminals.

By Jerry Dotson, Vice President of Public Sector, Avaya • June 3, 2024

Utilities saw fewer Q1 ransomware attacks than other sectors. A Dragos analyst explains why.

Electric companies worldwide experienced one ransomware attack in Q1, compared with 25 in the transportation sector and 106 in manufacturing, according to Dragos, but analysts warn against utilities getting complacent.

By Robert Walton • May 31, 2024

First American says personal data of 44K breached in December cyberattack

The company previously said the attack had a material impact on Q4 operations, but would not have a significant long-term impact on results.

By David Jones • May 29, 2024

Microsoft president set to testify before Congress on ‘security shortcomings’

After the tech giant asked for more time, Brad Smith will now testify before the House Committee on Homeland Security on June 13.

By Matt Kapko • May 22, 2024

Providers urge HHS to clarify Change data breach reporting requirements

More than 50 provider groups are asking the federal government to publicly state that UnitedHealth should handle data breach reporting stemming from the cyberattack on its subsidiary.

By Emily Olsen • May 22, 2024

EPA to ramp up enforcement as most water utilities lack cyber safeguards

The agency may consider taking civil and criminal penalties against utilities following months of attacks against drinking and wastewater treatment facilities.

By David Jones • May 21, 2024

Microsoft warns of hacker misusing Quick Assist in Black Basta ransomware attacks

Threat researchers say a financially-motivated attacker has deployed the tool in social-engineering attacks since April.

By David Jones • May 17, 2024

Remote-access tools the intrusion point to blame for most ransomware attacks

Self-managed VPNs from Cisco and Citrix were 11 times more likely to be linked to a ransomware attack last year, At-Bay research found.

By Matt Kapko • May 16, 2024

Black Basta ransomware is toying with critical infrastructure providers, authorities say

The threat group has impacted more than 500 targets worldwide and the vast majority of critical infrastructure sectors.  Numerous attacks have exploited vulnerabilities in ConnectWise ScreenConnect.

By David Jones • May 13, 2024

Some Ascension hospitals diverting emergency care after cybersecurity incident

The health system’s electronic health records, MyChart patient portal and several systems for ordering tests and medications are unavailable, Ascension said.

By Emily Olsen • May 10, 2024