Medusa ransomware slams critical infrastructure organizations
The Medusa ransomware gang has infected more than 300 organizations in critical infrastructure sectors such as the medical, manufacturing and technology industries. That’s according to…
Category: CyberSecurityDive
FCC launches national security unit to counter state-linked threats to US telecoms
Dive Brief: Federal Communications Commission Chairman Brendan Carr announced Thursday the launch of a Council on National Security, designed to counter growing cyber threats from…
82% of K-12 schools recently experienced a cyber incident
Dive Brief: A startling majority — 82% — of K-12 schools experienced a cyber incident between July 2023 and December 2024, according to a report…
Emerging botnet exploits TP-Link router flaw posing risk to US organizations
A new IoT botnet that exploits a remote code execution (RCE) flaw in TP-Link Archer routers has been targeting U.S. organizations since January, with thousands…
Juniper MX routers targeted by China-nexus threat group using custom backdoors
Dive Brief: A China-nexus threat actor with apparent in-depth knowledge of Juniper MX devices has compromised the routers using custom backdoors, according to research released…
CISA: 3 Ivanti endpoint vulnerabilities exploited in the wild
Three critical vulnerabilities in Ivanti Endpoint Manager (EPM) are currently under active exploitation in the wild, according to the Cybersecurity and Infrastructure Security Agency (CISA).…
Trump nominates Plankey to lead CISA
President Trump has named Sean Plankey to become the director of the Cybersecurity and Infrastructure Security Agency, according to a list of newly filed nominations.…
Majority of ransomware claims involved compromise of perimeter security devices
Dive Brief: About six of every 10 ransomware claims in 2024 involved the compromise of a perimeter security device such as a virtual private network…
Former NSA cyber director warns drastic job cuts threaten national security
A retired top cybersecurity official from the National Security Agency warned a key House panel that widespread cuts to federal probationary workers could severely harm…
Critical PHP vulnerability under widespread cyberattack
Dive Brief: CVE-2024-4577, a critical argument-injection vulnerability that affects PHP installations in Windows systems, has come under widespread exploitation in several countries such as the…
Eleven11bot estimates revised downward as researchers point to Mirai variant
Dive Brief: Security researchers have revised their estimates of the size of Eleven11bot, which has exploited IoT devices for DDoS attacks against telecom, gaming platforms…
37K+ VMware ESXi instances vulnerable to critical zero-day
Dive Brief: Broadcom on Tuesday disclosed three zero-day vulnerabilities that affect multiple VMware products, including ESXi, Workstation and Fusion. The vulnerabilities have been exploited in…