Major critical infrastructure supplier reports cyberattack
Itron, which makes devices that measure energy and water use, said its operations were continuing, despite the intrusion. Source link
Category: CyberSecurityDive
US, UK authorities warn that Firestarter backdoor malware survives patching
A federal agency was impacted by a hacking campaign that exploited flaws in Cisco devices. Source link
Iran-nexus threat groups refine attacks against critical infrastructure
State-sponsored and hacktivist groups have shown greater determination to damage or disable energy, water and other key sectors. Source link
China disguises cyberattacks with ‘covert network’ botnets, US and allies warn
A new security advisory highlights Beijing’s stealthy techniques. Source link
AI-written software creates hassles for wary security teams
A new report explains what cybersecurity practitioners need to see before they trust AI coding tools. Source link
Trump’s CISA director pick withdraws after tumultuous nomination
CISA has been without a permanent director for more than a year, imperiling its efforts to establish a strategic direction. Source link
Microsoft SharePoint vulnerability widely exposed across multiple countries
The disclosure comes just weeks after a prior SharePoint flaw was discovered. Source link
Phishing — sometimes with AI’s help — topped initial-access methods in Q1, Cisco says
Hackers can now spin up fake login pages without writing a single line of code. Source link
CISA confirms exploitation of 3 more Cisco networking device vulnerabilities
Cisco revealed six critical flaws in widely used products in February. The government has now seen evidence that hackers are abusing four of them. Source…
Big banks seek to ease security worries as AI push accelerates
“AI is our friend, OK?” said Morgan Stanley CEO Ted Pick during the bank’s earnings call as the industry grapples with its disruptive potential. Source…
CISA urges security teams to view environments following axios compromise
A suspected North Korea-linked actor is behind a supply chain attack on the widely used library. Source link
Vercel systems targeted after third-party tool compromised
An employee using a consumer app was breached after granting too many permissions. Source link