Cyberattacks

Cyberattacks | News, how-tos, features, reviews, and videos

United States Capitol building / United States Congress / abstract security concept
red padlock cybersecurity threat ransomeware

CSO > global security

CSO Global Intelligence Report: The State of Cybersecurity in 2021

The message is clear in a fresh survey of 2,741 security, IT, and business professionals around the world: The damage from attacks is widespread and organizations are increasing security budgets to fend off further impact.

Ransomware  >  A masked criminal ransoms data for payment.

CSO's guide to the worst and most notable ransomware

The ransomware gangs and their malware listed here have victimized millions of companies and caused billions of dollars in costs.

a hand holds an open book from which abstract letters emerge

Mitre D3FEND explained: A new knowledge graph for cybersecurity defenders

D3FEND is a new schema released by Mitre last month to establish a common language to help cyber defenders share strategies and methods. It is a companion project to the company’s ATT&CK framework.

Praying mantis among green leaves [camouflage/stealth]

APT group hits IIS web servers with deserialization flaws and memory-resident malware

Praying Mantis group is likely a nation-state actor that uses custom malware and is adept at avoiding detection.

United States Capitol building / United States Congress / abstract security concept

18 new cybersecurity bills introduced as US congressional interest heats up

The new bills, many with bi-partisan support, aim to increase cybersecurity funding, improve breach reporting, investigate cryptocurrencies, and more.

industrial power plant hacked skull and crossbone pixels security breach power plant by jason black

CISA: China successfully targeted US oil and natural gas infrastructure

CISA alert details past network compromises and exposes a lack of preparedness among ICS companies.

A binary map of china.

Biden administration, US allies condemn China's malicious hacking, espionage actions

Global coalition calls on China to curtail its cyber activities. For the first time, the US blames China directly for ransomware attacks.

A laptop displays binary code and the flag of China.

US charges four suspected Chinese spies who coordinated APT40 hackers

The government outlines how APT40 conducted its Microsoft Exchange Server attack and offers advice to defend against nation-state threats.

lock circuit board bullet hole computer security breach

The 15 biggest data breaches of the 21st century

Data breaches affecting millions of users are far too common. Here are some of the biggest, baddest breaches in recent memory.

president joe biden meets with russian president vladimir putin in geneva switzerland shutterstock

Ransomware talks: How Biden could push Putin to the table

Under pressure to end the ransomware scourge, the White House faces strong headwinds. The problem: Putin has no motivation to change the status quo.

Conceptual image of a password amid hexadecimal code.

Rainbow tables explained: How they work and why they're (mostly) obsolete

Rainbow tables are password cracking tools with origins dating back to research from the early 1980s. Here's how they work, why attacks are easy to prevent, and how they compare to modern password cracking.

Digital fingerprints are virtually connected. [tracking / identity / genetics / data privacy]

Supply-chain attack on Kaseya remote management software targets MSPs

REvil ransomware pushers exploit zero-day flaw in Kaseya VSA to infect MSPs and their customers.

Russian hammer and sickle / binary code

US and UK issue rare joint guidance in response to Russian GRU brute force campaign

CISOs should leverage this guidance to help get the resources they need to make these and other cyberattacks too costly for nation-state threat actors and criminals.

Dark net warning sign against black and yellow warning stripes in the background.

What is the dark web? How to access it and what you'll find

The dark web is part of the internet that isn't visible to search engines and requires the use of an anonymizing browser called Tor to be accessed.

CSO  >  Botnet  >  Robots amid a blue binary matrix

Botnet attacks on APIs: Why most companies are unprepared

The use of botnets to target applications for illegal and unethical purposes is growing, yet implementation of bot detection tools and best practices lags.

Insider threats  >  Employees suspiciously peering over cubicle walls

Security firm COO indicted for allegedly aiding hospital's attackers: What CSOs should know

A grand jury has indicted Securolytics COO Vikas Singla for allegedly helping attackers access Gwinnett Medical Center's phone system and printers. This breach of trust presents a dilemma for CISOs.

United States Capitol building / United States Congress / abstract security concept

US Congress tees up ambitious cybersecurity agenda in the wake of supply chain, ransomware attacks

Roughly 115 cybersecurity-related bills are working their way through the legislative process, in many cases with bipartisan support.

DDOS attack

New DDoS extortion attacks detected as Fancy Lazarus group returns

After operating under other names, Fancy Lazarus has fine-tuned its DDoS extortion campaigns, although with mixed results.

Load More