Threats: Page 3


  • Team of hackers dressed in black work on computers in dark room.
    Image attribution tooltip
    gorodenkoff via Getty Images
    Image attribution tooltip

    Microsoft warns of hacker misusing Quick Assist in Black Basta ransomware attacks

    Threat researchers say a financially-motivated attacker has deployed the tool in social-engineering attacks since April.

    By May 17, 2024
  • For technologists speak at a panel on stage
    Image attribution tooltip
    Matt Ashare/Cybersecurity Dive
    Image attribution tooltip

    AI raises CIO cyber anxieties

    Using third-party generative AI products without the proper controls exposes existing security gaps, McKinsey and Co. Partner Jan Shelly Brown said Tuesday at the MIT Sloan CIO Symposium.

    By Matt Ashare • May 17, 2024
  • Empty interior of modern security system control room with workstations with multiple displays and big screens mounted on the wall. Explore the Trendline
    Image attribution tooltip
    .shock via Getty Images
    Image attribution tooltip
    Trendline

    Risk Management

    Now, public companies have to detail their cybersecurity risk management in annual filings, raising awareness on what many cyber experts already knew — security issues are business issues. 

    By Cybersecurity Dive staff
  • U.S. National Cyber Director Harry Coker Jr. speaks during keynote at CyberUK 2024.
    Image attribution tooltip
    Permission granted by Matthew Horwood
    Image attribution tooltip

    National Cyber Director echoes past warnings: Nation-state cyber threats are mounting

    State-linked actors with ties to China and Russia are growing more sophisticated in their efforts to disrupt critical infrastructure, Harry Coker Jr. said during a CyberUK conference keynote.

    By May 15, 2024
  • Fingers hover over a computer keyboard with numbers on a screen, against a shadowy backdrop.
    Image attribution tooltip
    jariyawat thinsandee via Getty Images
    Image attribution tooltip

    Only one-third of firms deploy safeguards against generative AI threats, report finds

    Generative AI gives attackers an edge over cyber defenders, according to a Splunk survey of security experts.

    By Jim Tyson • May 13, 2024
  • A digital outline of a brain with lights emerging from the stem, creating a half circle that looks like the globe.
    Image attribution tooltip
    dem10 via Getty Images
    Image attribution tooltip

    Generative AI is a looming cybersecurity threat

    Researchers have not identified any AI-engineered cyberattack campaigns, yet, but they say it’s only a matter of time before an AI system is dominant enough in the market to draw attention. 

    By Jen A. Miller , May 8, 2024
  • National Cyber Director Harry Coker speaks in Washington.
    Image attribution tooltip
    Permission granted by Information Technology Industry Council
    Image attribution tooltip

    The US really wants to improve critical infrastructure cyber resilience

    A report from the Office of the National Cyber Director highlights persistent threats targeting healthcare and water, echoing warnings from cyber officials earlier this year. 

    By May 8, 2024
  • Sewage water flowing into river body and polluting the water and environment.
    Image attribution tooltip
    Cinefootage Visuals via Getty Images
    Image attribution tooltip

    Hacktivists exploiting poor cyber hygiene at critical infrastructure providers

    CISA, the FBI and international partner agencies want water, energy, agriculture and other sectors to immediately reset passwords and apply multifactor authentication.

    By May 1, 2024
  • Rendered image depicting global networks.
    Image attribution tooltip
    DKosig via Getty Images
    Image attribution tooltip

    Cactus ransomware targets a handful of Qlik Sense CVEs

    Security researchers warn the threat group is ramping up exploitation of previously disclosed flaws in the cloud platform.

    By April 29, 2024
  • Robot and human hands close to each other.
    Image attribution tooltip
    Permission granted by Fortinet
    Image attribution tooltip
    Sponsored by Fortinet

    The top 3 ways AI power supports a dynamic business

    It’s time to welcome a new era of dynamic digital defense. Artificial intelligence (AI) is revolutionizing network security with autonomous learning, holistic collaboration and rapid response capabilities.

    April 29, 2024
  • Printer
    Image attribution tooltip
    Simonkr via Getty Images
    Image attribution tooltip

    Vintage Microsoft flaw resurfaces, threat actors attack with golden GooseEgg

    State-linked actors are using a custom tool for post exploitation activity of a vulnerability in Windows Print Spooler, which could result in credential theft and backdoor installs.

    By April 24, 2024
  • Illustrated man with fishing hook stealing key
    Image attribution tooltip
    stefanovsky via Getty Images
    Image attribution tooltip

    Enterprises are getting better at detecting security incidents

    Google Cloud’s Mandiant saw significant improvements in how organizations track down threats, yet hackers are still abusing common threat vectors.

    By April 23, 2024
  • Programming scripts on laptop monitor, unauthorized remote hacking of server
    Image attribution tooltip
    Motortion via Getty Images
    Image attribution tooltip

    NSA sounds alarm on AI’s cybersecurity risks

    Attack vectors unique to AI may attract malicious actors on the hunt for sensitive data or intellectual property, the NSA warned.

    By Alexei Alexis • April 19, 2024
  • Computer hacker stealing data from a laptop.
    Image attribution tooltip
    BrianAJackson via Getty Images
    Image attribution tooltip

    Fears rise of social engineering campaign as open source community spots another threat

    Federal officials are said to be investigating potential links between the recent XZ Utils campaign and new threat activity against JavaScript project maintainers.

    By April 16, 2024
  • Close-up Focus on Person's Hands Typing on the Desktop Computer Keyboard
    Image attribution tooltip
    gorodenkoff via Getty Images
    Image attribution tooltip

    CISA to big tech: After XZ Utils, open source needs your support

    The attempted malicious backdoor may have been part of a wider campaign using social engineering techniques, the open source community warned.

    By April 15, 2024
  • The Eastern facade of the United States Capitol Building, with the House of the Representative's stair.
    Image attribution tooltip
    3000ad via Getty Images
    Image attribution tooltip

    Federal agencies caught sharing credentials with Microsoft over email

    U.S. government agencies are in jeopardy of Russia-linked cyberattacks, and although CISA isn’t aware of any compromised environments, officials warn the risk is exigent.

    By April 12, 2024
  • FBI Director Christopher Ray speaking at the annual Boston Conference on Cyber Security
    Image attribution tooltip

    Lee Pellegrini, Boston College

    Image attribution tooltip

    FBI director echoes past warnings, as critical infrastructure hacking threat festers

    Chris Wray says adversaries from China, Russia and Iran are ramping up cyber, espionage and other threat activity against key sectors, including water, energy and telecommunications.

    By April 11, 2024
  • CISA, cybersecurity, agency
    Image attribution tooltip
    Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
    Image attribution tooltip

    CISA assessing threat to federal agencies from Microsoft adversary Midnight Blizzard

    Microsoft previously warned that the Russia-linked threat group was expanding malicious activity following the hack of senior company executives, which it disclosed in January.

    By April 5, 2024
  • A closeup shot of long colorful lines of code on a computer screen.
    Image attribution tooltip
    Wirestock via Getty Images
    Image attribution tooltip

    Motivations behind XZ Utils backdoor may extend beyond rogue maintainer

    Security researchers are raising questions about whether the actor behind an attempted supply chain attack was engaged in a random, solo endeavor.

    By April 2, 2024
  • Anne Neuberger deputy national security advisor for cyber and emerging technologies, speaks at the Billington Cybersecurity Summit with Brad Medairy, EVP, Booz Allen.
    Image attribution tooltip
    Courtesy of Billington CyberSecurity Summit
    Image attribution tooltip

    Water woes: A federal push for cyber mitigation is highlighting the sector’s fault lines

    The water utility industry says they recognize the heightened threat environment, but the current federal push fails to account for their resource constraints.

    By March 28, 2024
  • The welcome screen for the OpenAI "ChatGPT" app is displayed on a laptop screen
    Image attribution tooltip
    Leon Neal via Getty Images
    Image attribution tooltip

    Security concerns creep into generative AI adoption

    As the AI ecosystem grows and more tools connect to internal data, threat actors have a wider field to introduce vulnerabilities.

    By Lindsey Wilkinson • March 27, 2024
  • Login information attached to large hook hanging in front of computer keyboard.
    Image attribution tooltip
    Philip Steury via Getty Images
    Image attribution tooltip

    Phishing remains top route to initial access

    Tricking individuals to reveal sensitive information turns human behavior and trust into a weapon.

    By March 26, 2024
  • A man and a woman shake hands in front of a desk that has flags from the U.S. and Ukraine. The people are in front of a blue background with CISA logos.
    Image attribution tooltip
    Retrieved from Jen Easterly/CISA.
    Image attribution tooltip

    Novel variant of wiper linked to Viasat attack during Ukraine war raises new fears

    Researchers at SentinelLabs warn the new variant, called AcidPour, could place IoT, networking devices at risk. 

    By March 22, 2024
  • Telecom network above a city
    Image attribution tooltip
    NicoElNino via Getty Images
    Image attribution tooltip

    Five Eyes implores critical infrastructure execs to take China-linked threats seriously

    Officials are pushing tips to help potential victims detect and mitigate Volt Typhoon’s evasive techniques as the was warnings take on urgency.

    By March 20, 2024
  • Oil Or Gas Transportation With Blue Gas Or Pipe Line Valves On Soil And Sunrise Background
    Image attribution tooltip
    onurdongel via Getty Images
    Image attribution tooltip

    Threat actors are turning to novel malware as malicious attacks rise

    BlackBerry identified 5,300 unique malware samples targeting its customers per day from September through December.

    By March 14, 2024
  • A facade of the White House in Washington, D.C.
    Image attribution tooltip
    Nick van Bree via Getty Images
    Image attribution tooltip

    Ransomware festers as a top security challenge, US intel leaders say

    U.S. intelligence leaders warn ransomware activity is growing, despite high profile efforts to seize threat actors’ infrastructure.

    By March 12, 2024