The Latest
-
Hacktivists exploiting poor cyber hygiene at critical infrastructure providers
CISA, the FBI and international partner agencies want water, energy, agriculture and other sectors to immediately reset passwords and apply multifactor authentication.
-
CVE exploitation nearly tripled in 2023, Verizon finds
Threat actors are going after critical security flaws in widely used applications, but human error is still at the root of business security woes.
-
Deep Dive
At Microsoft, years of security debt come crashing down
Critics say negligence, misguided investments and hubris have left the enterprise giant on its back foot.
-
Change Healthcare, compromised by stolen credentials, did not have MFA turned on
AlphV deployed ransomware nine days after it used access to a Citrix portal on Change’s network to move laterally within systems, CEO Andrew Witty said in testimony prepared for a House subcommittee hearing set for Wednesday.
-
Cactus ransomware targets a handful of Qlik Sense CVEs
Security researchers warn the threat group is ramping up exploitation of previously disclosed flaws in the cloud platform.
-
FTC broadens health breach notification rule
Regulators have been pursuing more enforcement actions against health applications sharing consumers’ data. Friday’s final rule should give those actions more heft.
-
Kaiser exposed up to 13.4M plan member records to third parties
The largest data breach reported to the HHS’ Office for Civil Rights so far this year comes as regulators reconsider healthcare’s use of tracking technologies.
-
Microsoft CEO says security is its No. 1 priority
The comments from Satya Nadella come weeks after a withering report from the federal Cyber Safety Review Board scrutinized how the company prioritized speed to market over security.
-
What is success in cybersecurity? Failing less.
Defenders aren’t measured by pure wins or losses. Intrusions will happen, and their job is to keep a bad situation from getting worse.
-
Cisco devices again targeted by state-linked threat campaign
The campaign, dubbed ArcaneDoor, dates back to late 2023 and is targeting perimeter network devices from Cisco — and potentially other companies.
-
CISA director pushes for vendor accountability and less emphasis on victims’ errors
Stakeholders need to address why vendors are delivering products with common vulnerabilities, which account for the majority of attacks, Jen Easterly said.
-
Vintage Microsoft flaw resurfaces, threat actors attack with golden GooseEgg
State-linked actors are using a custom tool for post-exploitation activity tied to a vulnerability in Windows Print Spooler, which could result in credential theft and backdoor installs.
-
Zero-day exploits hit CrushFTP, researchers expect rapid exploitation
CrushFTP CEO Ben Spink said the company isn’t aware of any data theft thus far, but researchers see echoes of MOVEit exploits and other high-profile file-transfer vulnerabilities.
-
Palo Alto Networks quibbles over impact of exploited, compromised firewalls
The security vendor downplayed the impact of exploit activity, describing most attempts as unsuccessful, but outside researchers say 6,000 devices are vulnerable.
-
Enterprises are getting better at detecting security incidents
Google Cloud’s Mandiant saw significant improvements in how organizations track down threats, yet hackers are still abusing common threat vectors.
-
UnitedHealth admits it paid a ransom in Change Healthcare attack
The insurer also confirmed Monday that more than 20 screenshots of potentially stolen patient data were posted on the dark web for about a week.
Updated April 24, 2024
-
Mitre R&D network hit by Ivanti zero-day exploits
Exploits of Ivanti VPN products have hit roughly 1,700 organizations. To Mitre, guidance from the vendor and government fell short.
-
Majority of businesses worldwide are implementing zero trust, Gartner finds
Programs are typically sponsored by C-suite executives, while the CISO is often tasked with execution, according to Gartner.
-
Frontier Communications hit by cyberattack, IT systems impacted
The telecom provider said a cybercrime group intruded into its IT infrastructure and gained access to PII. The operational disruption following its containment "could be considered material."
-
Cyber insurance gaps stick firms with millions in uncovered losses
A CYE analysis of 101 breaches across various sectors revealed insurance gaps resulting in an average of $27.3 million in uncovered losses per incident.
-
NSA sounds alarm on AI’s cybersecurity risks
Attack vectors unique to AI may attract malicious actors on the hunt for sensitive data or intellectual property, the NSA warned.
-
Palo Alto Networks warns firewall exploits are spreading
Attempted exploits and attacks linked to the zero-day vulnerability, which has a CVSS of 10, grew after proofs of concept were released.
-
Opinion
The art of threat modeling: 3 frameworks to know
Organizations should use the frameworks in a manual or automated way to better understand the security threats they’re up against, Gartner’s William Dupre writes.
Updated April 24, 2024
-
Cisco Duo MFA codes exposed in third-party breach
About 1% of the MFA and single sign-on provider’s business customers are impacted. An attacker broke into the third-party vendor’s systems via phishing.
-
UnitedHealth expects up to $1.6B hit from Change cyberattack this year
Investors on Tuesday got a clearer picture of the cyberattack's financial fallout on the healthcare juggernaut. Some said it wasn't as bad as they'd feared.