Cyberattacks: Page 7
-
Ascension hit by cybersecurity incident disrupting clinical operations
The major nonprofit health system detected “unusual activity” on some network systems Wednesday.
By Emily Olsen • May 9, 2024 -
China-linked attackers are successfully targeting network security devices, worrying officials
Espionage groups linked to China are heavily exploiting zero days, focusing on devices that lack endpoint detection and response capabilities, one expert said.
By Matt Kapko • May 7, 2024 -
Trendline
Top 5 stories from Cybersecurity Dive
A wave of rules, regulations and federal action is putting pressure on businesses to shore up security amid a backdrop of emboldened threat actors has a nice ring to it.
By Cybersecurity Dive staff -
Change Healthcare cyberattack: 5 technical takeaways from UnitedHealth CEO’s testimony
Change Healthcare was running on legacy technology, which magnified the ransomware attack’s impact and hampered recovery efforts, Andrew Witty said.
By Matt Kapko • May 6, 2024 -
Clorox lowers sales outlook as recovery from 2023 cyberattack continues
The cleaning products maker is still working to fully restore distribution capabilities after the attack.
By David Jones • May 3, 2024 -
Every Dropbox Sign user, account holders or not, stung in cyberattack
An attacker intruded the electronic signature platform’s production environment and accessed a trove of user data, including OAuth tokens.
By Matt Kapko • May 2, 2024 -
Congress grills UnitedHealth CEO over Change cyberattack
Legislators slammed Andrew Witty over the company’s lack of cybersecurity practices and the impact of the breach, which may have compromised the data of a third of Americans.
By Emily Olsen • May 2, 2024 -
Change Healthcare, compromised by stolen credentials, did not have MFA turned on
AlphV deployed ransomware nine days after it used access to a Citrix portal on Change’s network to move laterally within systems, CEO Andrew Witty said in testimony prepared for a House subcommittee hearing set for Wednesday.
By Matt Kapko • April 30, 2024 -
Sponsored by Fortinet
The top 3 ways AI power supports a dynamic business
It’s time to welcome a new era of dynamic digital defense. Artificial intelligence (AI) is revolutionizing network security with autonomous learning, holistic collaboration and rapid response capabilities.
April 29, 2024 -
CISA director pushes for vendor accountability and less emphasis on victims’ errors
Stakeholders need to address why vendors are delivering products with common vulnerabilities, which account for the majority of attacks, Jen Easterly said.
By Matt Kapko • April 25, 2024 -
Zero-day exploits hit CrushFTP, researchers expect rapid exploitation
CrushFTP CEO Ben Spink said the company isn’t aware of any data theft thus far, but researchers see echoes of MOVEit exploits and other high-profile file-transfer vulnerabilities.
By Matt Kapko • April 24, 2024 -
UnitedHealth admits it paid a ransom in Change Healthcare attack
The insurer also confirmed Monday that more than 20 screenshots of potentially stolen patient data were posted on the dark web for about a week.
By Emily Olsen • Updated April 24, 2024 -
Palo Alto Networks quibbles over impact of exploited, compromised firewalls
The security vendor downplayed the impact of exploit activity, describing most attempts as unsuccessful, but outside researchers say 6,000 devices are vulnerable.
By Matt Kapko • April 23, 2024 -
Mitre R&D network hit by Ivanti zero-day exploits
Exploits of Ivanti VPN products have hit roughly 1,700 organizations. To Mitre, guidance from the vendor and government fell short.
By Matt Kapko • April 22, 2024 -
Frontier Communications hit by cyberattack, IT systems impacted
The telecom provider said a cybercrime group intruded its IT infrastructure and gained access to PII. The operational disruption following its containment "could be considered material."
By Matt Kapko • April 19, 2024 -
Palo Alto Networks warns firewall exploits are spreading
Attempted exploits and attacks linked to the zero-day vulnerability, which has a CVSS of 10, grew after proof of concepts were released.
By Matt Kapko • April 18, 2024 -
Cisco Duo MFA message logs exposed in third-party breach
About 1% of the MFA and single sign-on provider’s business customers are impacted. An attacker intruded the third-party vendor’s systems via phishing.
By Matt Kapko • Updated Aug. 26, 2024 -
UnitedHealth expects up to $1.6B hit from Change cyberattack this year
Investors on Tuesday got a clearer picture of the cyberattack's financial fallout on the healthcare juggernaut. Some said it wasn't as bad as they'd feared.
By Rebecca Pifer • April 16, 2024 -
Federal agencies caught sharing credentials with Microsoft over email
U.S. government agencies are in jeopardy of Russia-linked cyberattacks, and although CISA isn’t aware of any compromised environments, officials warn the risk is exigent.
By Matt Kapko • April 12, 2024 -
Mandiant spots advanced exploit activity in Ivanti devices
The incident response firm identified eight threat groups targeting the remote access VPNs and observed evolved post-exploitation activity.
By Matt Kapko • April 9, 2024 -
Change Healthcare asks to consolidate dozens of cyberattack class-action lawsuits
Lawsuits against the UnitedHealth subsidiary are racking up following a cyberattack against the technology firm in late February.
By Emily Olsen • April 9, 2024 -
D-Link tells customers to sunset actively exploited storage devices
The networking hardware vendor advised owners of the affected devices to retire and replace them. There is no patch available for the vulnerability.
By Matt Kapko • April 8, 2024 -
Omni Hotels & Resorts hit by cyberattack
The hotel chain has been responding to the attack since March 29, when it shut down some of its systems.
By Noelle Mateer • April 8, 2024 -
Ivanti pledges security overhaul after critical vulnerabilities targeted in lengthy exploit spree
CEO Jeff Abbott said significant changes are underway. The beleaguered company committed to improve product security, share learnings and be more responsive to customers.
By David Jones • April 4, 2024 -
Microsoft Exchange state-linked hack entirely preventable, cyber review board finds
The technology giant’s corporate culture fell short on security investments and risk management, and needs significant reforms, according to a damning report by the U.S. Cyber Safety Review Board.
By David Jones • April 3, 2024 -
CISA asserts no data stolen during Ivanti-linked attack on the agency
Threat actors gained access to and potentially compromised two CISA systems weeks after the agency applied Ivanti’s initial mitigation measures.
By Matt Kapko • April 2, 2024