Russia, backed by ransomware gangs, actively targeting US, FBI director says

The FBI is laser focused on preventing a destructive attack, FBI Director Christopher Wray said. The agency previously, helped to disrupt a 2021 Iran-backed attack on Boston Children’s Hospital. 

By David Jones • June 2, 2022

Conti ransomware gang grows brash and flames out. What's next?

The group's reported demise is likely a diversion. Members of the group still pose a significant ransom and data extortion threat to enterprises.

By Matt Kapko • May 31, 2022

Explore the Trendline➔

Risk Management

Now, public companies have to detail their cybersecurity risk management in annual filings, raising awareness on what many cyber experts already knew — security issues are business issues. 

By Cybersecurity Dive staff

Persistent vulnerabilities put VMware on the defense

Recent flaws earned the company CISA's 10th emergency directive, the latest in a series of potential high-impact flaws for enterprise users.

By Matt Kapko • May 27, 2022

Cybersecurity threat extends to utility credit ratings: Fitch

Electric utilities, up against growing cyberthreats and poor security practices, "could result in negative rating actions," Fitch Ratings said.

By Robert Walton • May 26, 2022

Google Cloud positions itself as a 'standalone security brand'

The platform reinforced its bid to become an all-inclusive security provider with forthcoming services for open source software and zero-trust architecture.

By Matt Kapko • May 24, 2022

Russian disinformation campaigns disrupt Ukraine narrative

State-linked, foreign groups use social media and phishing to manipulate Ukraine citizens and western allies.

By David Jones • May 24, 2022

CISOs say they're at less risk of a substantial cyberattack

A modest confidence boost and more deliberate security strategies follow two years of pandemic-induced chaos, a Proofpoint-sponsored survey found.

By Matt Kapko • May 17, 2022

Enterprises rarely follow advice to never pay ransoms

Ransomware foists a difficult choice on executives and very few leave business operations in limbo to test a best practice.

By Matt Kapko • May 16, 2022

Emotet reemerges as top malware in circulation

The botnet’s activity surged 2,823% between Q4 2021 and Q1 2022, displaying a more recent shift in targets, HP Wolf Security analysts said.

By Matt Kapko • May 12, 2022

US, allies blame Russia for Viasat cyberattack

The Five Eyes and other EU authorities linked Russia to a series of web defacement, DDoS and destructive wiper attacks in the weeks leading up to the Ukraine invasion.

By David Jones • May 11, 2022

SEO-savvy threat actors drive surge in malware downloads

Cybercriminals flooded Google and Bing with malicious PDF files that contain commonly searched keywords, resulting in a 450% annualized increase in phishing downloads.

By Matt Kapko • May 10, 2022

Threat actor launches email attacks to lift corporate M&A secrets, Mandiant says

The suspected threat actor, UNC3524, lurks in victim environments for at least 18 months.

By Matt Kapko • May 5, 2022

Ukraine cyberthreat activity ramps up against critical infrastructure, governments

Researchers say state-linked and criminal activity has risen in recent weeks.

By David Jones • May 4, 2022

Familiar names top 2021's most-exploited vulnerabilities list

Top ransomware operators, including Hive and Conti, are exploiting flawed systems to launch new attacks, researchers warn.

By David Jones • May 2, 2022

Ransomware attacks, payouts soared worldwide in 2021: report

More organizations are paying ransoms as attacks grow in sophistication.

By David Jones • April 27, 2022

Emotet botnet tests new techniques after global crackdown

The once prolific botnet, returning from "spring break," is preparing a new high-volume campaign, Proofpoint researchers said. 

By David Jones • April 26, 2022

HHS warns providers of 'exceptionally aggressive' ransomware group

The Hive group practices double extortion — demanding payment to free data it has encrypted while also threatening to release the unencrypted data publicly.

By Shannon Muchmore • April 25, 2022

Cyber agencies renew warnings of Russia-linked threats against industrial targets

Separately, the U.S. is expanding the Joint Cyber Defense Collaborative to include experts on industrial control systems.

By David Jones • April 21, 2022

Threat detection accelerates in Asia, Europe, as notification trends shift

Median dwell time fell as organizations boosted cybersecurity defenses, shared threat intelligence.

By David Jones • April 19, 2022

Authorities warn dangerous new malware can shut down, sabotage industrial sites

The malware initially targeted Schneider Electric and Omron controllers.

By David Jones • April 14, 2022

Microsoft intercepts Zloader botnet, a distributor for Ryuk ransomware

Ryuk was behind major attacks on healthcare, while the botnet focused on credentials and financial theft.

By David Jones • April 14, 2022

Microsoft blocks Russian cyberattacks linked to Ukraine war

Strontium, a GRU-linked threat actor, targeted Ukraine media, foreign policy think tanks and government agencies in the U.S. and Europe.

By David Jones • April 8, 2022

DOJ disrupts Russia-backed Cyclops Blink botnet

The court-ordered operation is the latest effort to stop malicious cyber activity following the Russian invasion of Ukraine.

By David Jones • April 7, 2022

Federal authorities urged to bolster intel sharing amid nation-state threats

Current Russian cyber activity has been limited, but experts warn the threat may increase on short notice.

By David Jones • April 6, 2022

State Department launches cyber bureau amid rising global tensions

The long anticipated bureau aims to weave diplomacy into the global effort to combat ransomware and rogue nation-state activity.

By David Jones • April 5, 2022