Cisco confirms cyberattacks on Smart Licensing Utility flaw
Dive Brief: CISA earlier this week added CVE-2024-20439, a critical flaw in the Cisco Smart Licensing Utility, to its known exploited vulnerabilities (KEV) catalog. The…
Category: CyberSecurityDive
Check Point Software confirms security incident but pushes back on threat actor claims
Check Point Software confirmed it was targeted in a recent hacking attempt after a threat actor offered to sell sensitive customer information on a dark…
Mass login scans of PAN GlobalProtect portals surge
A recent surge in login attempts targeting Palo Alto Networks’ PAN-OS GlobalProtect portals mainly located in the U.S. could be a precursor to a large-scale…
FTC chief flags data privacy concerns in 23andMe bankruptcy
Federal Trade Commission Chairman Andrew Ferguson on Monday said genetic testing company 23andMe, which recently initiated a bankruptcy proceeding, must honor its data privacy and security…
Sam’s Club investigating attack claim linked to Clop ransomware
Sam’s Club confirmed it is investigating a possible cyberattack after the retailer was referenced on a leak site by the prolific Clop ransomware gang. Clop…
Critical vulnerability in CrushFTP file transfer software under attack
A critical vulnerability in CrushFTP’s file transfer server software has come under attack less than a week after the flaw was assigned a CVE. The…
Enterprises beef up cybersecurity plans to mitigate AI risks
Dive Brief: Enterprises are working to address AI’s risks as adoption increases, according to a report published this week by insurance and risk management services…
Hacker linked to Oracle Cloud intrusion threatens to sell stolen data
The threat actor that claimed responsibility for an alleged data breach at Oracle Cloud is threatening to release or sell the data, according to security…
CISA warns new malware targeting Ivanti zero-day vulnerability
Dive Brief: The Cybersecurity and Infrastructure Security Agency on Friday issued an alert for a new malware variant, dubbed Resurge, that is exploiting CVE-2025-0282, a…
SEC should avoid ‘overly prescriptive’ AI rules, acting chair says
Dive Brief: Acting Securities and Exchange Commission Chairman Mark Uyeda on Thursday called for a softer agency approach to artificial intelligence regulation, reflecting a broader…
Cybersecurity firms brace for impact of potential Oracle Cloud breach
Information security firms are taking measures to protect customers and their own networks as they wait for official guidance following claims of a massive attack…
Solar power gear vulnerable to remote sabotage
Solar inverters made by three of the world’s largest manufacturers were found vulnerable to remote sabotage that could have produced large-scale power outages. Researchers from…