The Latest
-
Courtesy of Trimble
CISA warns of hackers targeting vulnerability in Trimble Cityworks to conduct RCE
The software is widely used in projects by local governments, utilities, airports and other facilities.
-
JHVEPhoto via Getty Images
HPE issues breach notifications for 2023 Midnight Blizzard attack
Russian state-sponsored hackers compromised the tech giant's Office 365 email environment.
-
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by ismagilov via Getty Images
Private equity firm to acquire SolarWinds for $4.4B
SolarWinds, which now will go private, was embroiled in a massive supply chain attack in 2020 linked to Russia-backed threat actors.
-
hapabapa via Getty Images
Microsoft warns 3K exposed ASP.NET machine keys at risk of weaponization
An unknown threat actor recently used an exposed key for code injection cyberattacks.
-
gorodenkoff/iStock via Getty Images
Suspected botnet targets edge devices using brute force attacks
Researchers warn of a surge in attempted logins targeting devices from SonicWall, Palo Alto Networks and others.
-
Motortion via Getty Images
Hackers deployed web shells, exploited public-facing applications in Q4
A Cisco Talos report also indicated a sharp increase in remote access tools being leveraged in ransomware.
-
Just_Super via Getty Images
State-linked hackers deploy macOS malware in fake job interview campaign
Actors linked to North Korea bypassed Apple security using malware called FlexibleFerret.
-
Just_Super via Getty Images
Ransomware payments fell 35% in 2024
Cyberattacks using ransomware spiked in the second half of the year, but fewer victims paid up.
-
Courtesy of Rhode Island
Deloitte pays $5M in connection with breach of Rhode Island benefits site
The company agreed to cover expenses related to recovery from the December cyberattack.
-
Atstock Productions via Getty Images
Sophos completes $859M acquisition of Secureworks
The deal comes amid a flurry of recent merger and acquisition deals in the cybersecurity sector.
-
Sarah Silbiger via Getty Images
FDA, CISA warn about vulnerabilities in patient health monitors
Vulnerabilities in certain Contec and Epsimed patient monitors can allow people to gain access and potentially manipulate the devices, the FDA warned.
-
.shock via Getty Images
The cybersecurity outlook for 2025
Threat actors are exploiting known weak points and enterprises’ dependency across the tech stack. It’s making cybersecurity professionals’ jobs harder than ever before.
-
solarseven
Security tool consolidation boosts efficiency, threat mitigation
A study from IBM shows the controversial shift to platformization can pay off for enterprises.
-
Getty Images via Getty Images
CISO stature gains traction as global cyber risk escalates
Security leaders are making inroads with corporate boards and now have a seat at the table with CEOs, a Splunk report shows.
-
simon2579 via Getty Images
What roadblocks await CISOs in 2025
Burnout seems certain as CISOs confront budget constraints, a heavy workload and job dissatisfaction.
-
Just_Super via Getty Images
Attackers exploit zero-day vulnerability in Zyxel CPE devices
Researchers say the manufacturer has yet to publicly disclose or patch the flaw.
-
malerapaso via Getty Images
Tech execs grapple with budget sinkholes as AI drives up spend
Unpredictable cloud bills, outdated software licenses and shadow IT frustrate FinOps efforts, according to Apptio.
-
Stock photos via Getty Images
Deep DiveNetwork security tool defects are endemic, eroding enterprise defense
When malicious hackers exploit vulnerabilities in firewalls, VPNs and routers, it’s not the vendors that get hit — it’s their customers.
-
gorodenkoff via Getty Images
SonicWall SMA 1000 series appliances left exposed on the internet
The company last week confirmed attackers are actively exploiting a critical vulnerability in the devices.
-
Scott Olson/Getty Images via Getty Images
Procter & Gamble operations unhindered by Blue Yonder disruption
The consumer goods company built an in-house solution to keep orders moving as its transportation management system provider navigated a ransomware attack.
-
Just_Super via Getty Images
SonicWall warns hackers targeting critical vulnerability in SMA 1000 series appliances
Researchers from Microsoft Threat Intelligence alerted the company to suspected threat activity.
-
Courtesy of UnitedHealth Group
UnitedHealth hikes number of Change cyberattack breach victims to 190M
The new estimate nearly doubles the company’s previous report of 100 million affected individuals, already the largest healthcare data breach ever reported to federal regulators.
-
iStock / Getty Images Plus via Getty Images
Attackers lodge backdoors into Ivanti Connect Secure devices
Shadowserver scans found 379 compromised Ivanti Connect Secure devices. Researchers said the situation is serious and likely impacts more organizations.
-
Chip Somodevilla via Getty Images
BeyondTrust says 17 customers impacted by December cyberattack spree
State-linked hackers were linked to a series of attacks that led to the theft of unclassified data from the Treasury Department.
-
CharlieTong via Getty Images
Government payments contractor Conduent confirms cyberattack impacts multiple states
The incident led to delays in processing child support payments in Wisconsin.
