Cybersecurity news covers the latest developments and trends in protecting computers, networks, programs, and data from unauthorized access, attack, or damage. Staying up-to-date with cybersecurity news helps professionals identify threats, develop defense strategies, and meet regulatory compliance requirements.
Notable cyberattacks and breaches that made headlines in 2023 included the massive global ransomware attack known as NotPetya that began in Ukraine and quickly spread across the world, disrupting systems at thousands of companies including shipping giant Maersk, pharmaceutical company Merck, FedEx Europe subsidiary TNT Express, construction company Saint-Gobain, and food producer Mondelez. The attack was ultimately estimated to cost more than $10 billion in damages and lost revenue.
The 23andMe data breach in October demonstrated how hackers can exploit poor password hygiene to steal sensitive information. The personal genetic testing company was able to access the profiles of 14 million users by reusing passwords leaked in previous data breaches.
Zero-day vulnerabilities — flaws that are exploited before vendors release patches — continue to be used by attackers to gain early access and achieve lateral movement, privilege escalation, and data exfiltration. One of the most alarming trends is how little time defenders have to respond to these attacks, as more than 25% of vulnerabilities were exploited within 24 hours of disclosure.
Attacks targeting financial services organizations are becoming more sophisticated. In November, an attack at a subsidiary of the Industrial and Commercial Bank of China halted operating systems used for clearing US Treasury trades and repo financing. This impacted major market players and left BNY Mellon owing $9 billion in uncollected trades, highlighting the growing risk of payment interruptions from cybersecurity incidents and the interconnected nature of financial systems.