More than half of companies have already faced AI-powered phishing attacks, a new survey finds.| Cybersecurity Dive
Senior executives and high-net-worth individuals are increasingly at risk as hackers use deepfakes, voice cloning and other tactics for targeted attacks.| Cybersecurity Dive
Ransomware gangs that offer their affiliates customization and automation are growing faster than those that don’t, a new report finds.| Cybersecurity Dive
Critics say the new convention is ripe for abuse by authoritarian countries.| Cybersecurity Dive - Latest News
Microsoft has issued an out-of-band update and is urging users to immediately apply the patch.| Cybersecurity Dive - Latest News
No active exploitation has been spotted, but the vendor and researchers advise users to apply updates immediately.| Cybersecurity Dive - Latest News
Security leaders should prioritize anomalous-activity detection and zero-trust principles, a new report recommends.| Cybersecurity Dive - Latest News
Operating in a risk-averse industry, IT decision-makers are helping their businesses adapt to emerging threats without derailing momentum.| Cybersecurity Dive - Latest News
Amid seismic change for IT leaders, enterprises need to curate survival kits to mitigate reliability and cost challenges, Gartner analysts said.| Cybersecurity Dive - Latest News
As companies face cybersecurity skills gaps and broader attack surfaces, they’re warily turning to AI-powered automation.| Cybersecurity Dive - Latest News
The latest round of sweeping layoffs could hamper the business community’s collaboration with the beleaguered cyber agency.| Cybersecurity Dive - Latest News
The Cyber Monitoring Centre warned that losses could rise further if the company's production isn't back to pre-incident levels by January.| Cybersecurity Dive - Latest News
EY suggested ways for companies to reduce AI-related hacking risks.| Cybersecurity Dive
The agency’s declaratory ruling took effect Thursday, but the future outlook of that effort and a separate proposed rule remain uncertain under the incoming administration.| Cybersecurity Dive
A court-approved operation to remove web shells coincided with a push to get government and private sector systems patched with critical security updates.| Cybersecurity Dive
The global email security provider was hit by a malicious attack that compromised a certificate used to authenticate some Microsoft 365 products.| Cybersecurity Dive
The latest attacks come one year after a threat group exploited a pair of zero-days in the same Ivanti product.| Cybersecurity Dive
The arrests mark the first major break in a case linked to the Scattered Spider cybercrime group, although additional work continues with multiple agencies.| Cybersecurity Dive
A hacker group linked to multiple social-engineering attacks has claimed credit for the intrusion.| Cybersecurity Dive
Attack vectors unique to AI may attract malicious actors on the hunt for sensitive data or intellectual property, the NSA warned.| Cybersecurity Dive
The U.S. military research agency hopes to foster a new ecosystem of autonomous vulnerability remediation.| Cybersecurity Dive
AI tools are still too computationally intense for cybercriminals to rely on, according to a new report.| Cybersecurity Dive
Walmart, American Express and HSBC are among the companies that have had sensitive data exposed.| Cybersecurity Dive
The SolarWinds hack caused government and industry leaders to rethink how software is made and secured, giving rise to close scrutiny of the software supply chain.| Cybersecurity Dive
The agency alleged Unisys, Avaya, Check Point Software and Mimecast misled investors about the extent of their respective cyber risks.| Cybersecurity Dive
The court ruling related to claims leading up to and immediately following the 2020 Sunburst supply chain hack.| Cybersecurity Dive
The Cybersecurity and Infrastructure Agency called on all federal civilian agencies to review their networks for evidence of compromise and to disconnect or power off SolarWinds Orion products immediately.| Cybersecurity Dive
A threat group is using voice phishing to trick targeted organizations into sharing sensitive credentials.| Cybersecurity Dive
Basic vulnerabilities account for most cyberattacks, but security leaders say they’re more concerned about the risks of AI, new research shows.| Cybersecurity Dive
As industry returns from the holiday break, organizations are assessing potential security threats from Log4j, ranging from coin miners to hands-on-keyboard attacks.| Cybersecurity Dive
Microsoft warns that threat actors are using third-party hosted Minecraft servers to launch ransomware attacks. The company also warned that access brokers are getting into the game.| Cybersecurity Dive
Even with new patches available, CISA is concerned that threat actors will easily shake off the fixes once again.| Cybersecurity Dive
The vulnerability has upended federal officials and the infosec industry, putting hundreds of millions of devices and systems at risk.| Cybersecurity Dive
Security executives are concerned about flaws in AI agents but also eager to see them replace humans in some roles, according to a new report.| Cybersecurity Dive
The research also found that cyberattacks have escalated both in frequency and severity in the past year, with AI serving as a primary driver behind the surge.| Cybersecurity Dive
Hackers have gained access to key information that could help exploit firewalls.| Cybersecurity Dive
Meanwhile, Stellantis said hackers gained access to some customer information in a third-party data breach.| Cybersecurity Dive
A report by S&P says organizations should consider changes to strengthen cyber governance, training and awareness.| Cybersecurity Dive
Patching won’t be able to keep up with discovery, said Rob Joyce, who once led the National Security Agency's elite hacking team.| Cybersecurity Dive
A suspected ransomware attack targeting a U.S. company that provides check-in technology has led to widespread flight disruptions since Friday.| Cybersecurity Dive
The increasing use of AI will drive a demand for technology that can anticipate and neutralize threats, Gartner said in a new report.| Cybersecurity Dive
The agency published a document linking its recommendations for PQC migration to the advice in its landmark security publications.| Cybersecurity Dive
IT defenders think many of their security tools aren’t ready for AI-powered cyberattacks, according to a new report.| Cybersecurity Dive
Researchers warn that attackers are using compromised Amazon email accounts in spear-phishing attacks that may lead to ransomware infections.| Cybersecurity Dive
The firm is giving away services and offering deferred billing to corral new customers into its consolidated cybersecurity platforms.| Cybersecurity Dive
Available through January, the response program comes at a time of heightened demand for rapid forensic services, particularly in light of the coming SEC incident response enforcement.| Cybersecurity Dive
The agreement could completely reshape the market for identity security, according to analysts.| Cybersecurity Dive
A prominent former member of a recently shuttered cyber-incident review panel said the board should be reconstituted with independent authority.| Cybersecurity Dive
An advisory from 13 countries says state-backed hackers continue trying to breach telecommunications systems and other vital networks.| Cybersecurity Dive
The Senate Intelligence Committee chairman questioned the security of Microsoft’s “digital escort” arrangement with its Chinese employees.| Cybersecurity Dive
Airport staff began turning on and testing systems for international and low-volume carriers, which are the most heavily impacted by the outage.| Cybersecurity Dive
The airline seeks to recover damages of more than $500 million in the aftermath of a disruptive IT outage in July. The software provider is looking to hold its liability to the terms of its service agreement.| Cybersecurity Dive
Federal prosecutors called Rapper Bot one of the most powerful DDoS botnets in history.| Cybersecurity Dive
Cloud security and identity and access management tool purchases insulated the market from tariff-induced economic shocks, according to Forrester.| Cybersecurity Dive
The cybersecurity firm said its “platformization” strategy is beginning to pay dividends as more large customers consolidate their spending on its offerings.| Cybersecurity Dive
Business leaders want to prevent further fallout as nearly all have experienced at least one problematic incident tied to AI, according to an Infosys survey.| Cybersecurity Dive
Recent surveys found enterprises are enthusiastically adopting AI, even as they neglect basic cybersecurity measures.| Cybersecurity Dive
The federal agency plans to develop guidance to organizations about various AI use cases.| Cybersecurity Dive
Federal officials and rivals blasted the company for charging customers for additional security features.| Cybersecurity Dive
JCDC’s troubles add to the woes of the already-depleted CISA, which could lose even more personnel as additional contracts with private companies expire.| Cybersecurity Dive
Security leaders urge more forceful action after the U.S. accused China of backing a campaign of malicious cyberattacks, including the early 2021 attacks against Microsoft Exchange server.| Cybersecurity Dive
Researchers fear, more than two months after the threat was discovered, criminal hackers have had plenty of time to loot data or plant undetected seeds of compromise.| Cybersecurity Dive
U.S. authorities charged the man and a co-conspirator with hacking COVID-19 researchers and kicking off a cyberattack spree targeting Microsoft Exchange servers.| Cybersecurity Dive
The decision by the commission, now under Republican control, could reshape the landscape of corporate accountability for cyber incidents.| Cybersecurity Dive
The attack follows a recent increase in cyberattacks and disruptions at major airlines.| Cybersecurity Dive
A cyberattack on Hawaiian Airlines carries some hallmarks of the notorious cybercrime group.| Cybersecurity Dive
Two reports illustrate how business leaders are thinking about and budgeting for generative AI.| Cybersecurity Dive
NHS Digital warned unknown threat actors are targeting the servers in order to create web shells and enable future data theft, ransomware or other attacks.| Cybersecurity Dive
AI agents aren’t foolproof, but they could soon replace some of the most common tasks for cyber defenders.| Cybersecurity Dive
Recent flaws earned the company CISA's 10th emergency directive, the latest in a series of potential high-impact flaws for enterprise users.| Cybersecurity Dive
A report calls on federal authorities to conduct comprehensive risk assessments and take steps to modernize the air traffic control system.| Cybersecurity Dive
Researchers say the threat emulation tool may endanger thousands of vulnerable servers.| Cybersecurity Dive
Cyberattackers with administrative access are actively exploiting vulnerabilities in ESXi, Workstation and Fusion products.| Cybersecurity Dive
Weeks after the company released a patch, researchers warn the CVE is being targeted by threat actors.| Cybersecurity Dive
The newspaper chain said attackers encrypted critical applications and impacted billing, payments and print distribution.| Cybersecurity Dive
Salt Typhoon gained access to many telecom networks and stole large amounts of data, including audio and text of targeted people involved in government or politics.| Cybersecurity Dive
The plaintiffs claim the company was negligent for failing to protect customer data despite prior warnings about previous attacks.| Cybersecurity Dive
AlphV may have used tactics similar to social engineering attacks disclosed by Okta in regulatory filing.| Cybersecurity Dive
Security researchers link the threat group Scattered Spider to a wave of malicious activity as Caesars Entertainment confirms social engineering attack in regulatory filing.| Cybersecurity Dive
The Bellagio and Mandalay Bay casino operator said hotel occupancies are down and certain customer data up to March 2019 was stolen.| Cybersecurity Dive
The company expects a significant financial impact stemming from the recent cyberattack, which is reportedly linked to the Scattered Spider threat group.| Cybersecurity Dive
At least four separate plaintiffs allege the company was negligent for allowing their sensitive personal data to be stolen in a social engineering attack by criminal threat groups.| Cybersecurity Dive
The slow-moving disaster has ensnared some of the world's largest enterprises. Cybersecurity experts expect further damage to come.| Cybersecurity Dive