Threats: Page 2


  • Telecom network above a city
    Image attribution tooltip
    NicoElNino via Getty Images
    Image attribution tooltip

    Volt Typhoon exploiting zero-day in campaign targeting ISPs, MSPs

    Researchers from Black Lotus Labs warn the state-linked adversary is exploiting a vulnerability in Versa Director using custom web shells against the telecom sector.

    By Aug. 28, 2024
  • A pair of binoculars covered with code, indicating a cybersecurity breach
    Image attribution tooltip
    Marco_Piunti via Getty Images
    Image attribution tooltip

    Marketing data security threats are rising: Where CMOs see gaps

    While marketers prioritize working with data security teams, effective communication remains a struggle, according to research from the CMO Council and KPMG. 

    By Peter Adams • Aug. 23, 2024
  • Empty interior of modern security system control room with workstations with multiple displays and big screens mounted on the wall. Explore the Trendline
    Image attribution tooltip
    .shock via Getty Images
    Image attribution tooltip
    Trendline

    Risk Management

    Now, public companies have to detail their cybersecurity risk management in annual filings, raising awareness on what many cyber experts already knew — security issues are business issues. 

    By Cybersecurity Dive staff
  • Broadband connections
    Image attribution tooltip
    NicoElNino via Getty Images
    Image attribution tooltip

    DDoS attacks surge since late 2023, telecom still in hot seat

    The report comes just weeks after a DDoS attack disrupted Microsoft Azure for about eight hours.

    By Aug. 15, 2024
  • Matrix background of blurred programming code.
    Image attribution tooltip
    Getty Plus via Getty Images
    Image attribution tooltip

    M&A activity can amplify ransomware insurance losses, research finds

    The financial severity of claims related to ransomware attacks increased more than 400% from 2022 to 2023, the study found.

    By Alexei Alexis • Aug. 14, 2024
  • Black Hat logo on display above Michelob Ultra Arena in Las Vegas.
    Image attribution tooltip
    Matt Kapko/Cybersecurity Dive
    Image attribution tooltip

    CrowdStrike snafu was a ‘dress rehearsal’ for critical infrastructure disruptions, CISA director says

    Despite the disruption, Jen Easterly said the outage was a "useful exercise" to determine the resiliency of critical infrastructure organizations.

    By Aug. 8, 2024
  • A close up of Michael Regan
    Image attribution tooltip
    Win McNamee via Getty Images
    Image attribution tooltip

    Federal watchdog urges EPA to develop comprehensive cyber strategy to protect water systems

    The report comes amid a rise in malicious cyberthreats from state-linked and criminal hackers targeting U.S. drinking water and water treatment facilities.

    By Aug. 6, 2024
  • Aerial view of sewage treatment plant
    Image attribution tooltip
    xijian via Getty Images
    Image attribution tooltip
    Sponsored by Rockwell Automation

    Water systems under siege: How CISOs can protect critical infrastructure from cyberthreats

    As regulatory oversight evolves, most CISOs are focused on modernizing and improving OT cybersecurity.

    July 29, 2024
  • The flag of Ukraine pinned on the map. Horizontal orientation. Macro photography.
    Image attribution tooltip
    Getty Images via Getty Images
    Image attribution tooltip

    Dragos warns of novel malware targeting industrial control systems

    FrostyGoop, the ninth ICS-specific malware observed by Dragos, was linked to a January attack on an energy provider in Ukraine.

    By July 23, 2024
  • A massive IT outage stranded Delta Air Lines passengers at the Detroit Metropolitan Wayne County Airport on July 20.
    Image attribution tooltip
    Joe Raedle via Getty Images
    Image attribution tooltip

    CrowdStrike, Microsoft scramble to contain fallout from global IT outage

    Cybersecurity and IT experts said users are having major difficulties in recovery efforts, despite workarounds and guidance the vendors released.

    By July 22, 2024
  • FTC sweep of dark patterns of SaaS companies
    Image attribution tooltip
    AntonioGuillem via Getty Images
    Image attribution tooltip

    76% of SaaS companies use ‘dark patterns,’ analysis finds

    With federal regulators and states clamping down on the practice, companies might take a hard look at how they’re presenting information on their websites and in their apps.

    By Robert Freedman • July 11, 2024
  • Young businessman working alone at his desk on desktop computer in an open space modern coworking office.
    Image attribution tooltip
    .shock via Getty Images
    Image attribution tooltip

    Risk escalates as communication channels proliferate

    The chance of losing data to a breach rises in tandem with the number of channels — like email and file sharing — that an organization uses.

    By Robert Freedman • July 10, 2024
  • Rendering of digital data code in safety security technology concept.
    Image attribution tooltip
    iStock/Getty Images Plus via Getty Images
    Image attribution tooltip

    Microsoft warns of elevated risk in Rockwell Automation PanelView Plus CVEs

    Microsoft researchers warn the vulnerabilities can be exploited, potentially resulting in remote code execution and denial of service.

    By July 3, 2024
  • A bicyclist rides by a sign that is posted in front of the Cisco Systems headquarters on August 10, 2011 in San Jose, California.
    Image attribution tooltip
    Justin Sullivan via Getty Images
    Image attribution tooltip

    Cisco Nexus devices zero day raises alarms despite CVSS score

    Though the NX-OS CVE only has a 6.0 score, a suspected espionage actor is deploying custom malware to exploit a command injection vulnerability in a range of switching devices.

    By July 2, 2024
  • Cars are parked in a multistory garage.
    Image attribution tooltip
    dies-irae via Getty Images
    Image attribution tooltip

    Cybersecurity is now a top concern for auto industry, report finds

    Automotive leaders fear exposure to threats will worsen as the sector invests more in technology to drive efficiencies, Rockwell Automation found.

    By Kalena Thomhave • July 2, 2024
  • Microsoft President and Vice Chair Brad Smith speaks April 12, 2023, at the Semafor World Economy Summit in Washington D.C.
    Image attribution tooltip
    Drew Angerer via Getty Images
    Image attribution tooltip

    Microsoft alerts additional customers of state-linked threat group attacks

    The company told customers the Midnight Blizzard attacks disclosed in January were more widespread than previously known.

    By June 28, 2024
  • Cybersecurity professionals walk into the RSA Conference at the Moscone Center in San Francisco on May 6, 2024.
    Image attribution tooltip
    Matt Kapko/Cybersecurity Dive/Cybersecurity Dive
    Image attribution tooltip

    Is the cybersecurity industry ready for AI?

    As cybersecurity teams focus on how to thwart threat actors, they are missing the risks around the data they are sharing willingly.

    By Sue Poremba • June 24, 2024
  • Code on a black and white background that appears warped.
    Image attribution tooltip
    HenrikNorway via Getty Images
    Image attribution tooltip

    IT pros worry over the data that fuels AI

    More than 2 in 5 technologists have already had a negative AI experience, according to a SolarWinds survey.

    By Matt Ashare • June 20, 2024
  • Man using facial recognition technology on city street
    Image attribution tooltip
    LeoPatrizi via Getty Images
    Image attribution tooltip

    MFA plays a rising role in major attacks, research finds

    Poor configurations and deliberate MFA bypasses were at the center of numerous attacks in recent months, Cisco Talos found.

    By June 18, 2024
  • Fingers hover over a computer keyboard with numbers on a screen, against a shadowy backdrop.
    Image attribution tooltip
    jariyawat thinsandee via Getty Images
    Image attribution tooltip

    Cyberattacks pose mounting risks to creditworthiness: Moody’s

    “As more data becomes available — thanks to recently adopted disclosure requirements — attacks continue to proliferate,” a Moody’s executive said.

    By Jim Tyson • June 6, 2024
  • The red lock and its structure explode in a digital computer setting.
    Image attribution tooltip
    TU IS via Getty Images
    Image attribution tooltip

    Cyber risk is rising for poorly configured OT devices

    Since late last year, researchers have identified more politically motivated groups targeting water and other key critical infrastructure systems.

    By June 3, 2024
  • Team of hackers dressed in black work on computers in dark room.
    Image attribution tooltip
    gorodenkoff via Getty Images
    Image attribution tooltip

    Check Point Software customers targeted by hackers using old, local VPN accounts

    The incidents mark the latest attempts to compromise organizations by exploiting vulnerable edge devices used for remote access.

    By May 28, 2024
  • A long curved desk with banks of computer monitors mounted on the wall.
    Image attribution tooltip
    tonymelony via Getty Images
    Image attribution tooltip

    Cyber officials, incident response teams brace for Memorial Day weekend

    The holiday weekend has emerged as a prime opportunity for ransomware attacks as security operations teams scale down for the summer. 

    By May 24, 2024
  • In an aerial view, cars drive by the San Francisco skyline as they cross the San Francisco-Oakland Bay Bridge on October 27, 2022 in San Francisco, California.
    Image attribution tooltip
    Justin Sullivan via Getty Images
    Image attribution tooltip

    Popular LLMs are insecure, UK AI Safety Institute warns

    AI models released by “major labs” are highly vulnerable to even basic attempts to circumvent safeguards, the researchers found.

    By Lindsey Wilkinson • May 23, 2024
  • Water rushing out of a pipeline and onto a wheat field.
    Image attribution tooltip
    lnzyx for iStock via Getty Images
    Image attribution tooltip

    EPA to ramp up enforcement as most water utilities lack cyber safeguards

    The agency may consider taking civil and criminal penalties against utilities following months of attacks against drinking and wastewater treatment facilities.

    By May 21, 2024
  • Close-up Focus on Person's Hands Typing on the Desktop Computer Keyboard
    Image attribution tooltip
    gorodenkoff via Getty Images
    Image attribution tooltip

    Open source threat intel platform launched weeks after malicious backdoor targeted XZ Utils

    OSSF developed warning system to protect open source maintainers, developers from social engineering, active exploits.

    By May 20, 2024