Tag: incident response
623 articles

Abbott Labs Probes Two Cyber Incidents Amid Extortion Claims
Abbott Laboratories is investigating a cyber incident that involved unauthorized access to a limited number of internal systems within its Cancer Diagnostics business, and has activated incident response procedures to address the issue. The company confirms that its operations remain unaffected and that the affected systems are separate from its other businesses and systems.

AI Empowers Cyberattacks with Operational Efficiency
As AI continues to evolve, it's crucial to treat AI-driven threats as a top priority, using the technology to supercharge their attacks and compress timelines. AI is being used by attackers to automate routine work, streamline reconnaissance, and shorten development cycles, turning what once took days into operations that can be executed in just hours.

Ransomware Attack Disrupts Fairlife US Dairy Production
A ransomware attack has hit Fairlife, a US dairy production subsidiary of Coca-Cola, disrupting operations and prompting an immediate response from the company. The incident has triggered a thorough investigation, with outside experts and law enforcement working to contain the breach.

CISA Leak Exposes Gaps in Incident Response, Key Management
A staggering 844 MB of sensitive CISA data was left exposed in a public GitHub repository for almost six months, revealing critical gaps in incident response and key management. The leak included admin credentials and plaintext passwords for internal CISA systems, raising serious concerns about security protocols.

CISA Bolsters Protections After Major Credential Leak
CISA swiftly sprang into action after discovering a major credential leak on May 15, taking swift and decisive steps to halt the breach and prevent further damage. By sharing their incident response experience, CISA aims to help other organizations bolster their defenses and avoid similar security mishaps.

CISA Exposes Lessons from AWS GovCloud Key Incident Response
When a security researcher uncovered exposed credentials in a public GitHub repository, CISA sprang into action, swiftly mitigating any potential exposure to its cloud resources and code repositories. Thanks to the researcher's sharp eyes and KrebsOnSecurity's reporting, CISA was able to respond quickly and contain the incident.

Lumen Technologies Rebuilds Exposure Management with Trusted Asset Data
Lumen Technologies' security team transformed their exposure management by consolidating 40 disconnected systems into one trusted view, growing their asset count from 17,000 to 1.1 million devices. This overhaul empowered them to respond to incidents with confidence, knowing who owned what and taking informed risk decisions.

AI-Powered Attacks Rapidly Compromise Cloud Targets
The increasing accessibility of large language models and agentic AI has empowered even less sophisticated threat actors to launch lightning-fast attacks with unprecedented scale, significantly ramping up the challenge for defenders. This alarming trend enables attackers to accelerate their workflows and compromise cloud targets at an unprecedented pace.

AI SOC Platforms Face Test of Predictive Power
Meet Mike Shannon, Guardant Health's Director of Security Engineering, who's ditched manual queries for Exabot - a game-changing AI solution that's revolutionizing the way security teams operate. By harnessing the power of AI SOC platforms, organizations can now automate core security tasks, freeing up teams to focus on high-stakes threats.

Error Message Misinterpretation Exposes False Hacking Claim
A simple pause and a couple of words can make all the difference - in this case, changing a supposedly sinister hacking claim into a straightforward hard disk failure. A vice president's misread error message, "General failure reading Drive C:", nearly sparked a security scare before Lee, a quick-thinking sysadmin, got to the bottom of it.

Kaspersky Compromise Assessments Reveal Persistent Detection Gaps
Kaspersky's 2025 Compromise Assessment analysis reveals a shocking truth: 60% of incidents go undetected due to a lack of reliable alerts from existing tools, while manual detection accounts for only 20% of discovered threats. This blind spot allows threats to hide for alarmingly long periods, with 30.8% of incidents having a dwell time of over three months.

Network Detection and Response Gains Urgency in AI-Driven Threat Era
In today's AI-driven threat landscape, organizations need to move beyond prevention and adopt a more proactive approach, focusing on network detection and response to swiftly identify and disrupt malicious activity. By doing so, they can effectively mitigate vulnerabilities and contain threats before they escalate into full-blown breaches.

UK Probes Russian Warship's Warning Shots in English Channel
The UK Ministry of Defence is launching an investigation into a tense encounter in the English Channel, where a Russian warship reportedly fired warning shots at a British yacht. Fortunately, no injuries or damage were reported, and the yacht continued on its journey.

Anonymized Infrastructure Exposes Reactive Security Gaps
Despite having access to a flood of IP data, security teams are struggling to turn it into actionable insights, with a staggering 94% of security incidents involving anonymized infrastructure that exposes reactive security gaps. The sheer volume of data is creating a clarity crisis, with analysts overwhelmed by signals but lacking the context needed to respond effectively.

Cybersecurity's 72-Minute Challenge
The clock is ticking: in the blink of an eye, just 72 minutes, attackers can breach your defenses and make off with your data, highlighting a daunting speed gap between threat actors and security teams. This alarming acceleration demands a serious rethink of traditional security operations.

Russian Tu-22M3 Bomber Crashes During Training Flight in Siberia
A Russian Tu-22M3 bomber dramatically crashed during a routine training flight in Siberia, with footage showing the aircraft plummeting nose-first into the ground, but thankfully, all crew members ejected safely with no ground casualties. The incident occurred during an approach to land in the Irkutsk region, with the plane not carrying a combat load.

Maine Data Breach Portal Disabled After Hoax Reports Flood System
The Maine Attorney General's office has temporarily disabled its data breach portal due to an influx of false reports, which were later confirmed to be hoaxes submitted by an unknown entity. The office is now reviewing its internal procedures to prevent similar abuse in the future.

Maine Disables Breach Database After Fake Reports Flood In
Maine's Attorney General's office has temporarily taken down its public database of data breach reports after being flooded with fake submissions, including hoax reports targeting VRChat and another company. The office is reviewing its procedures to prevent future abuse and plans to reinstate the database with enhanced safeguards.

Maine Disables Breach Portal After Hoax Submissions
Maine has temporarily shut down its public data breach reporting portal after being hit with a series of false reports, or hoaxes, submitted through the system. The state's Attorney General's Office is reviewing the situation and has removed the fraudulent filings from its database.

Managed Detection and Response Hits Limits in AI-Powered Attack Era
The traditional Managed Detection and Response model is struggling to keep up with the evolving threat landscape, leaving nearly 1% of real threats hidden in low-severity alerts that often go unreviewed. This means that in a typical enterprise generating 450,000 alerts annually, hundreds of potential security incidents may be slipping through the cracks.

Cyber-Attacks Infiltrate 84% of Sports Organizations
Cyber-attacks have hit a staggering 84% of sports organizations in the past year, with over half of those being targeted multiple times - a worrying trend in an industry where timing and spectacle are everything. This alarming statistic highlights the vulnerability of professional sports teams, venues, and event bodies to cyber threats.

Security Insider Exposes New Hire's Chaotic Tactics
A security insider recounts a tense confrontation with a new colleague over a departing workstation, revealing a chaotic approach to security protocols. The staffer's casual exit with a PC under their arm sparks a heated debate about data safety and responsibility.

Ransomware Disrupts Illinois High School, Wales Education Sector
A ransomware attack has forced Evanston Township High School in Illinois to shut down until at least Wednesday, canceling summer school, sports camps, and on-campus activities. The school has activated its incident response procedures and is working with cyber experts to investigate and recover from the breach.

Cybersecurity Leaders Stress Need for Effective Crisis Playbooks
To navigate a cybersecurity crisis effectively, you need a solid playbook - and that means getting three key things right: identifying the crisis type, assembling the right team, and clarifying roles and responsibilities to build trust. With these pillars in place, you'll be better equipped to tackle even the toughest challenges with confidence.