Cyberattacks

Cyberattacks | News, how-tos, features, reviews, and videos

Security system alert: 'DANGER'
Tech Spotlight   >   Analytics [CSO]   >   An image of a bottle of poison emanating binary code.

Unitd States cybersecurity   >   U.S. flag with a digital network of locks instead of stars

Experts fear that Biden’s cybersecurity executive order will repeat mistakes of the past

President Biden is expected to issue an executive order soon in response to the SolarWinds and Exchange Server attacks. Leaked details suggest it might not focus on the most effective actions.

Digital Transformation [DX]  >  dandelion seeds blown by a virtual wind of change

The SolarWinds hack timeline: Who knew what, and when?

Impact, detection, response, and ongoing fallout from the attack on SolarWinds' Orion remote IT management software.

A gavel rests on open law book. [law / regulation / compliance / legal liability]

States enact safe harbor laws against cyberattacks, but demand adoption of cybersecurity frameworks

Connecticut might soon follow Ohio and Utah by enacting a law that offers liability protection against ransomware and other cyberattacks, but only if victims follow security best practices.

succession brain sharing intellectual knowledge sharing

US government calls for better information sharing in wake of SolarWinds, Exchange attacks

The Biden administration seeks ways to better gather and share security intelligence from the private sector, but experts see barriers to success.

ransomware attack

Ryuk ransomware explained: A targeted, devastatingly effective attack

Ryuk ransomware attacks are targeted to the most vulnerable, most likely to pay companies and are often paired with other malware such as TrickBot.

Security system alert, warning of a cyberattack.

The SolarWinds Senate hearing: 5 key takeaways for security admins

Testimony by key security executives in the US Senate reveal how unprepared most organizations are for supply chain attacks. Here are the lessons security admins should learn from it.

backdoor / abstract security circuits, locks and data blocks

5 questions CISOs should be able to answer about software supply chain attacks

The SolarWinds attack put a spotlight on the threats that compromised third-party software present organizations. Here are the top questions executive management, boards and partners are asking CISOs about their preparedness.

binary cyberattack cybersecurity hacked protected

Why the Microsoft Exchange Server attack isn’t going away soon

For some victims, patching and proper forensics will be difficult, plus new threat actors are now exploiting the same Exchange Server vulnerabilities.

zeroday software bug skull and crossbones security flaw exploited danger vulnerabilities by gwengoa

How to patch Exchange Server for the Hafnium zero-day attack

Admins in many businesses report indicators of compromise from an Exchange zero-day vulnerability. Don't assume you're not a target. Investigate for signs of the attack and patch now.

Tech Spotlight   >   Cybersecurity [CSO]   >   Hands gesture in conversation

4 ways to keep the cybersecurity conversation going after the crisis has passed

Executives and board members focus more on cybersecurity when there’s immediate danger. Here’s how CISOs can use a crisis like SolarWinds to translate security into business strategy.

gavel / abstract binary lines  >  court judgment / fine / penalty / settlement

The biggest data breach fines, penalties, and settlements so far

Hacks and data thefts, enabled by weak security, cover-ups or avoidable mistakes have cost these companies a total of nearly $1.3 billion and counting.

A broken link in a digital chaing / weakness / vulnerability

Chinese cyberespionage group hacks US organizations with Exchange zero-day flaws

Microsoft believes Chinese APT group Hafnium is using a set of previously unknown Exchange Server vulnerabilities to access mailbox contents and perform remote code execution.

United States Capitol building / United States Congress / abstract security concept

Cyber Diplomacy Act aims to elevate America's global cybersecurity standing

The new bill has bipartisan support to improve the US's ability to prevent and respond to cyberattacks and correct missteps of the Trump administration.

CSO > cyber insurance / umbrella hub connected to connected devices and online activities

New York issues cyber insurance framework as ransomware, SolarWinds costs mount

The state looks to protect one of its core industries, which is threatened by mounting and potentially "unsustainable" losses due to the SolarWinds and ransomware attacks.

Ransomware  >  A coin-operated lock ransoming an encrypted system.

Egregor ransomware group explained: And how to defend against it

Egregor is one of the most rapidly growing ransomware families. It employs "double ransom" techniques to threaten reputational damage and increase pressure to pay.

Ransomware  >  A masked criminal ransoms data for payment.

CSO's guide to the worst and most notable ransomware

The ransomware gangs and their malware listed here have victimized millions of companies and caused billions of dollars in costs.

locked data / bitcoins

How ransomware negotiations work

Here's what experienced negotiators say your organization should expect if it ever needs to pay a ransomware demand.

cso security hack breach water leak gettyimages 466029458 by firmafotografen 2400x1600px

Oldsmar cyberattack raises importance of water utility assessments, training

The attempt to poison a city's water supply by remotely accessing its ICS underscores the need for cybersecurity assistance at under-resourced critical infrastructure facilities.

Load More