The SolarWinds hack caused government and industry leaders to rethink how software is made and secured, giving rise to close scrutiny of the software supply chain.| Cybersecurity Dive
The agency alleged Unisys, Avaya, Check Point Software and Mimecast misled investors about the extent of their respective cyber risks.| Cybersecurity Dive
The court ruling related to claims leading up to and immediately following the 2020 Sunburst supply chain hack.| Cybersecurity Dive
The Cybersecurity and Infrastructure Agency called on all federal civilian agencies to review their networks for evidence of compromise and to disconnect or power off SolarWinds Orion products immediately.| Cybersecurity Dive
A threat group is using voice phishing to trick targeted organizations into sharing sensitive credentials.| Cybersecurity Dive
Basic vulnerabilities account for most cyberattacks, but security leaders say they’re more concerned about the risks of AI, new research shows.| Cybersecurity Dive
As industry returns from the holiday break, organizations are assessing potential security threats from Log4j, ranging from coin miners to hands-on-keyboard attacks.| Cybersecurity Dive
Microsoft warns that threat actors are using third-party hosted Minecraft servers to launch ransomware attacks. The company also warned that access brokers are getting into the game.| Cybersecurity Dive
Even with new patches available, CISA is concerned that threat actors will easily shake off the fixes once again.| Cybersecurity Dive
The vulnerability has upended federal officials and the infosec industry, putting hundreds of millions of devices and systems at risk.| Cybersecurity Dive
Security executives are concerned about flaws in AI agents but also eager to see them replace humans in some roles, according to a new report.| Cybersecurity Dive
The research also found that cyberattacks have escalated both in frequency and severity in the past year, with AI serving as a primary driver behind the surge.| Cybersecurity Dive - Latest News
Hackers have gained access to key information that could help exploit firewalls.| Cybersecurity Dive - Latest News
Meanwhile, Stellantis said hackers gained access to some customer information in a third-party data breach.| Cybersecurity Dive - Latest News
A report by S&P says organizations should consider changes to strengthen cyber governance, training and awareness.| Cybersecurity Dive - Latest News
Patching won’t be able to keep up with discovery, said Rob Joyce, who once led the National Security Agency's elite hacking team.| Cybersecurity Dive - Latest News
A suspected ransomware attack targeting a U.S. company that provides check-in technology has led to widespread flight disruptions since Friday.| Cybersecurity Dive - Latest News
The increasing use of AI will drive a demand for technology that can anticipate and neutralize threats, Gartner said in a new report.| Cybersecurity Dive - Latest News
The agency published a document linking its recommendations for PQC migration to the advice in its landmark security publications.| Cybersecurity Dive - Latest News
IT defenders think many of their security tools aren’t ready for AI-powered cyberattacks, according to a new report.| Cybersecurity Dive
Researchers warn that attackers are using compromised Amazon email accounts in spear-phishing attacks that may lead to ransomware infections.| Cybersecurity Dive
The firm is giving away services and offering deferred billing to corral new customers into its consolidated cybersecurity platforms.| Cybersecurity Dive
Available through January, the response program comes at a time of heightened demand for rapid forensic services, particularly in light of the coming SEC incident response enforcement.| Cybersecurity Dive
The agreement could completely reshape the market for identity security, according to analysts.| Cybersecurity Dive
A prominent former member of a recently shuttered cyber-incident review panel said the board should be reconstituted with independent authority.| Cybersecurity Dive
An advisory from 13 countries says state-backed hackers continue trying to breach telecommunications systems and other vital networks.| Cybersecurity Dive
The Senate Intelligence Committee chairman questioned the security of Microsoft’s “digital escort” arrangement with its Chinese employees.| Cybersecurity Dive
Airport staff began turning on and testing systems for international and low-volume carriers, which are the most heavily impacted by the outage.| Cybersecurity Dive
The airline seeks to recover damages of more than $500 million in the aftermath of a disruptive IT outage in July. The software provider is looking to hold its liability to the terms of its service agreement.| Cybersecurity Dive
Federal prosecutors called Rapper Bot one of the most powerful DDoS botnets in history.| Cybersecurity Dive
Cloud security and identity and access management tool purchases insulated the market from tariff-induced economic shocks, according to Forrester.| Cybersecurity Dive
The cybersecurity firm said its “platformization” strategy is beginning to pay dividends as more large customers consolidate their spending on its offerings.| Cybersecurity Dive
Business leaders want to prevent further fallout as nearly all have experienced at least one problematic incident tied to AI, according to an Infosys survey.| Cybersecurity Dive
Recent surveys found enterprises are enthusiastically adopting AI, even as they neglect basic cybersecurity measures.| Cybersecurity Dive
The federal agency plans to develop guidance to organizations about various AI use cases.| Cybersecurity Dive
Federal officials and rivals blasted the company for charging customers for additional security features.| Cybersecurity Dive
JCDC’s troubles add to the woes of the already-depleted CISA, which could lose even more personnel as additional contracts with private companies expire.| Cybersecurity Dive
Experts urged Fortinet customers to immediately apply patches or disable the affected administrative interface.| Cybersecurity Dive
Security leaders urge more forceful action after the U.S. accused China of backing a campaign of malicious cyberattacks, including the early 2021 attacks against Microsoft Exchange server.| Cybersecurity Dive
Researchers fear, more than two months after the threat was discovered, criminal hackers have had plenty of time to loot data or plant undetected seeds of compromise.| Cybersecurity Dive
The latest attacks come one year after a threat group exploited a pair of zero-days in the same Ivanti product.| Cybersecurity Dive
U.S. authorities charged the man and a co-conspirator with hacking COVID-19 researchers and kicking off a cyberattack spree targeting Microsoft Exchange servers.| Cybersecurity Dive
Even companies in more insulated fields, such as cyber vendors Sophos, Okta and Secureworks, are bound to feel the pain as enterprises cut spending.| Cybersecurity Dive
The decision by the commission, now under Republican control, could reshape the landscape of corporate accountability for cyber incidents.| Cybersecurity Dive
The attack follows a recent increase in cyberattacks and disruptions at major airlines.| Cybersecurity Dive
A cyberattack on Hawaiian Airlines carries some hallmarks of the notorious cybercrime group.| Cybersecurity Dive
Two reports illustrate how business leaders are thinking about and budgeting for generative AI.| Cybersecurity Dive
NHS Digital warned unknown threat actors are targeting the servers in order to create web shells and enable future data theft, ransomware or other attacks.| Cybersecurity Dive
AI agents aren’t foolproof, but they could soon replace some of the most common tasks for cyber defenders.| Cybersecurity Dive
Recent flaws earned the company CISA's 10th emergency directive, the latest in a series of potential high-impact flaws for enterprise users.| Cybersecurity Dive
A report calls on federal authorities to conduct comprehensive risk assessments and take steps to modernize the air traffic control system.| Cybersecurity Dive
Researchers say the threat emulation tool may endanger thousands of vulnerable servers.| Cybersecurity Dive
Cyberattackers with administrative access are actively exploiting vulnerabilities in ESXi, Workstation and Fusion products.| Cybersecurity Dive
Weeks after the company released a patch, researchers warn the CVE is being targeted by threat actors.| Cybersecurity Dive
The newspaper chain said attackers encrypted critical applications and impacted billing, payments and print distribution.| Cybersecurity Dive
Salt Typhoon gained access to many telecom networks and stole large amounts of data, including audio and text of targeted people involved in government or politics.| Cybersecurity Dive
The plaintiffs claim the company was negligent for failing to protect customer data despite prior warnings about previous attacks.| Cybersecurity Dive
AlphV may have used tactics similar to social engineering attacks disclosed by Okta in regulatory filing.| Cybersecurity Dive
Security researchers link the threat group Scattered Spider to a wave of malicious activity as Caesars Entertainment confirms social engineering attack in regulatory filing.| Cybersecurity Dive
The Bellagio and Mandalay Bay casino operator said hotel occupancies are down and certain customer data up to March 2019 was stolen.| Cybersecurity Dive
The company expects a significant financial impact stemming from the recent cyberattack, which is reportedly linked to the Scattered Spider threat group.| Cybersecurity Dive
At least four separate plaintiffs allege the company was negligent for allowing their sensitive personal data to be stolen in a social engineering attack by criminal threat groups.| Cybersecurity Dive
The slow-moving disaster has ensnared some of the world's largest enterprises. Cybersecurity experts expect further damage to come.| Cybersecurity Dive