82% of K-12 schools recently experienced a cyber incident
Dive Brief: A startling majority — 82% — of K-12 schools experienced a cyber incident between July 2023 and December 2024, according to a report…
Category: CyberSecurityDive
Emerging botnet exploits TP-Link router flaw posing risk to US organizations
A new IoT botnet that exploits a remote code execution (RCE) flaw in TP-Link Archer routers has been targeting U.S. organizations since January, with thousands…
Juniper MX routers targeted by China-nexus threat group using custom backdoors
Dive Brief: A China-nexus threat actor with apparent in-depth knowledge of Juniper MX devices has compromised the routers using custom backdoors, according to research released…
CISA: 3 Ivanti endpoint vulnerabilities exploited in the wild
Three critical vulnerabilities in Ivanti Endpoint Manager (EPM) are currently under active exploitation in the wild, according to the Cybersecurity and Infrastructure Security Agency (CISA).…
Trump nominates Plankey to lead CISA
President Trump has named Sean Plankey to become the director of the Cybersecurity and Infrastructure Security Agency, according to a list of newly filed nominations.…
Majority of ransomware claims involved compromise of perimeter security devices
Dive Brief: About six of every 10 ransomware claims in 2024 involved the compromise of a perimeter security device such as a virtual private network…
Former NSA cyber director warns drastic job cuts threaten national security
A retired top cybersecurity official from the National Security Agency warned a key House panel that widespread cuts to federal probationary workers could severely harm…
Critical PHP vulnerability under widespread cyberattack
Dive Brief: CVE-2024-4577, a critical argument-injection vulnerability that affects PHP installations in Windows systems, has come under widespread exploitation in several countries such as the…
Eleven11bot estimates revised downward as researchers point to Mirai variant
Dive Brief: Security researchers have revised their estimates of the size of Eleven11bot, which has exploited IoT devices for DDoS attacks against telecom, gaming platforms…
37K+ VMware ESXi instances vulnerable to critical zero-day
Dive Brief: Broadcom on Tuesday disclosed three zero-day vulnerabilities that affect multiple VMware products, including ESXi, Workstation and Fusion. The vulnerabilities have been exploited in…
Cyberattacks targeting IT vendors intensify, causing bigger losses
Dive Brief: Cyberattacks targeting third-party vendors are causing more financial damage than ever before, cyber risk management firm Resilience said in a recent report. Nearly…
CrowdStrike shares fall as company forecasts lower-than-expected results
Shares of CrowdStrike Holdings were down in morning trading after the cybersecurity vendor issued an earnings forecast that came in below expectations as it continues…