Cyberattacks
-
CISA warns of hackers targeting vulnerability in Trimble Cityworks to conduct RCE
The software is widely used in projects by local governments, utilities, airports and other facilities.
By David Jones • Feb. 10, 2025 -
HPE issues breach notifications for 2023 Midnight Blizzard attack
Russian state-sponsored hackers compromised the tech giant's Office 365 email environment.
By Rob Wright • Feb. 10, 2025 -
Suspected botnet targets edge devices using brute force attacks
Researchers warn of a surge in attempted logins targeting devices from SonicWall, Palo Alto Networks and others.
By David Jones • Feb. 7, 2025 -
Hackers deployed web shells, exploited public-facing applications in Q4
A Cisco Talos report also indicated a sharp increase in remote access tools being leveraged in ransomware.
By David Jones • Feb. 6, 2025 -
DeepSeek surge hits companies, posing security risks
The Trump administration is scrutinizing the AI app, Italy and Taiwan have banned it, and companies have blocked it.
By Alexei Alexis • Feb. 5, 2025 -
Ransomware payments fell 35% in 2024
Cyberattacks using ransomware spiked in the second half of the year, but fewer victims paid up.
By Rob Wright • Feb. 5, 2025 -
Deloitte pays $5M in connection with breach of Rhode Island benefits site
The company agreed to cover expenses related to recovery from the December cyberattack.
By David Jones • Feb. 5, 2025 -
State-linked hackers deploy macOS malware in fake job interview campaign
Actors linked to North Korea bypassed Apple security using malware called FlexibleFerret.
By Robert Wright, Contributing Reporter • Feb. 4, 2025 -
SonicWall SMA 1000 series appliances left exposed on the internet
The company last week confirmed attackers are actively exploiting a critical vulnerability in the devices.
By David Jones • Jan. 28, 2025 -
Deep Dive
Network security tool defects are endemic, eroding enterprise defense
When malicious hackers exploit vulnerabilities in firewalls, VPNs and routers, it’s not the vendors that get hit — it’s their customers.
By Matt Kapko • Jan. 28, 2025 -
Procter & Gamble operations unhindered by Blue Yonder disruption
The consumer goods company built an in-house solution to keep orders moving as its transportation management system provider navigated a ransomware attack.
By Kelly Stroh • Jan. 28, 2025 -
UnitedHealth hikes number of Change cyberattack breach victims to 190M
The new estimate nearly doubles the company’s previous report of 100 million affected individuals, already the largest healthcare data breach ever reported to federal regulators.
By Emily Olsen • Jan. 27, 2025 -
BeyondTrust says 17 customers impacted by December cyberattack spree
State-linked hackers were linked to a series of attacks that led to the theft of unclassified data from the Treasury Department.
By David Jones • Jan. 24, 2025 -
Attackers lodge backdoors into Ivanti Connect Secure devices
Shadowserver scans found 379 compromised Ivanti Connect Secure devices. Researchers said the situation is serious and likely impacts more organizations.
By Matt Kapko • Jan. 24, 2025 -
Ivanti zero-days chained together in at least 3 attacks, authorities warn
The vendor’s customers have confronted multiple attack sprees targeting zero-days spanning a variety of products.
By Matt Kapko • Jan. 23, 2025 -
Government payments contractor Conduent confirms cyberattack impacts multiple states
The incident led to delays in processing child support payments in Wisconsin.
By David Jones • Jan. 23, 2025 -
Google Cloud links poor credentials to nearly half of all cloud-based attacks
Cloud services with weak credentials were a prime target for attackers, often resulting in lateral movement attempts, a Google Cloud report found.
By Matt Kapko • Jan. 22, 2025 -
PowerSchool data breach brings claims of negligence, poor cyber hygiene
The K-12 software company is facing legal pushback and criticism following a cyberattack that impacted a still unknown number of districts.
By Anna Merod • Jan. 22, 2025 -
CISA clocked Salt Typhoon in federal networks before telecom intrusions
Outgoing CISA Director Jen Easterly didn’t say what agencies were impacted by Salt Typhoon or when, but noted it provided greater visibility into the active campaign.
By Matt Kapko • Jan. 16, 2025 -
Ivanti zero-day has researchers scrambling
Threat hunters are on high alert as 900 Ivanti Connect Secure instances remain unpatched and vulnerable to exploitation, according to Shadowserver.
By Matt Kapko • Jan. 13, 2025 -
Hack of Rhode Island social services platform impacted at least 709K, officials say
State officials received reports from Deloitte and a third-party forensic firm showing the threat to the database has been mitigated and restoration efforts are underway.
By David Jones • Jan. 10, 2025 -
4 cybersecurity trends to watch in 2025
Critical industries are up against never before seen challenges to remain secure and operational, while regulatory pressures have completely upended the role of the CISO in corporate America.
By David Jones , Matt Kapko • Jan. 9, 2025 -
Ivanti customers confront new zero-day with suspected nation-state nexus
The latest attacks come one year after a threat group exploited a pair of zero-days in the same Ivanti product.
By Matt Kapko • Jan. 9, 2025 -
AT&T, Verizon say they evicted Salt Typhoon from their networks
Two of the largest telecom providers in the U.S. said the China-government sponsored threat group is no longer embedded in their networks.
By Matt Kapko • Jan. 7, 2025 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA says hack targeting Treasury Department did not impact other federal agencies
BeyondTrust says an investigation of a December attack spree is nearing completion and SaaS instances are fully patched. Hackers used a stolen key to attack Treasury workstations.
By David Jones • Jan. 7, 2025