Threats News | Cybersecurity Dive

Exclamation mark depicted over code. — WhataWin/Getty Images via Getty Images

Critical vulnerability in CrushFTP file transfer software under attack

Questions and confusion surround the authentication bypass vulnerability, which was privately disclosed to customers on March 21.

By Rob Wright • April 1, 2025

Cyber Security Data Breach Protection Ransomware Email Phishing Encrypted Technology, Digital Information Protected Secured — Just_Super via Getty Images

Hacker linked to Oracle Cloud intrusion threatens to sell stolen data

Security researchers from Trustwave SpiderLabs provided additional evidence backing up claims of a breach.

By David Jones • March 31, 2025

Oracle's Silicon Valley corporate headquarters in Redwood, California pictured on September 9, 2019. — Sundry Photography via Getty Images

Threat actor in Oracle Cloud breach may have gained access to production environments

Researchers from CloudSEK are analyzing a data sample from a threat actor that claimed a massive breach involving 6 million records.

By David Jones • March 27, 2025

Creative image depicting a ransomware attack. — bin kontan / Getty Images via Getty Images

Ransomware gangs increasingly brandish EDR bypass tools

Custom tool developed by RansomHub, dubbed “EDRKillShifter,” is used by several other rival ransomware gangs.

By Rob Wright • March 27, 2025

FCC Brendan Carr — Kevin Dietsch via Getty Images

FCC investigating China-linked companies over evasion of US national security measures

The agency is cracking down on the use of prohibited technologies following a series of hacks into US telecommunications firms.

By David Jones • March 24, 2025

Cybersecurity Challenges in Remote Work, exploring vulnerabilities, evolving threats, employee awareness, digital transformation impacts — stock.adobe.com/peera

How ASPM gives you control over complex architectures

ASPM gives organizations control by unifying risk data, automating threat analysis, and prioritizing vulnerabilities based on their business impact.

By Sohail Iqbal, Chief Information Security Officer, Veracode • March 24, 2025

RansomHub using FakeUpdates scheme to attack government sector

The ransomware gang is collaborating with SocGholish, an extensive malware operation that employs compromised websites and fake browser updates.

By Rob Wright • March 18, 2025

Password input field — Getty via Getty Images

Black Basta uses brute-forcing tool to attack edge devices

The ransomware gang developed an automated framework to guess weak and reused passwords on VPNs and firewalls.

By Rob Wright • March 17, 2025

Federal Communications Commission Commissioner Brendan Carr — Kevin Dietsch / Getty Images via Getty Images

FCC launches national security unit to counter state-linked threats to US telecoms

The new council is part of an effort to thwart Salt Typhoon and other cyber espionage groups.

By David Jones • March 13, 2025

A bronze depiction of ancient god Medusa with snakes in her hair — Paul Campbell via Getty Images

Medusa ransomware slams critical infrastructure organizations

The ransomware-as-a-service gang tallied more than 300 victims in industries such as healthcare, manufacturing and technology.

By Rob Wright • March 13, 2025

A person types on a laptop in a dark room. — jariyawat thinsandee via Getty Images

Juniper MX routers targeted by China-nexus threat group using custom backdoors

The devices have reached end-of-life status and need to be upgraded, as the company has issued in a security advisory.

By David Jones • March 12, 2025

New generation internet technologies and security bug. — Devrimb

Emerging botnet exploits TP-Link router flaw posing risk to US organizations

Ballista’s attacks on TP-Link devices comes as U.S. lawmakers consider banning the company’s products over suspected links to China.

By Elizabeth Montalbano, Contributing Reporter • March 12, 2025

A digital depiction of a red triangle sign with an exclamation point in the center with binary code in the background. — Stock Photo via Getty Images

82% of K-12 schools recently experienced a cyber incident

Cybercriminals are increasingly targeting school networks through phishing and social engineering, a cybersecurity nonprofit reported.

By Anna Merod • March 12, 2025

Capitol building, DC — Getty Images via Getty Images

Former NSA cyber director warns drastic job cuts threaten national security

Rob Joyce told lawmakers mass layoffs of federal workers will hurt the ability of the U.S. to combat malicious cyber activity from China and other adversaries.

By David Jones • March 10, 2025

Image of healthcare equipment — Just_Super via Getty Images

Cobalt Strike takedown effort cuts cracked versions by 80%

Fortra, Microsoft and Health-ISAC partnership reduced unauthorized copies of red team tool over the last two years.

By Rob Wright • March 7, 2025

Close-up Portrait of Software Engineer Working on Computer, Line of Code Reflecting in Glasses. — gorodenkoff via Getty Images

Eleven11bot estimates revised downward as researchers point to Mirai variant

The botnet has been involved in DDoS activity targeting telecom companies and gaming platforms.

By David Jones • March 7, 2025

Broadband connections — NicoElNino via Getty Images

More than 86K IoT devices compromised by fast-growing Eleven11 botnet

The Iran-linked botnet has a large presence in the U.S. and is targeting telecom and other firms with DDoS attacks.

By David Jones • March 4, 2025

Remote access tools most frequently targeted as ransomware entry points

Windows CLFS zero-day exploited in ransomware attacks

Risk Management

Over 5K Ivanti VPNs vulnerable to critical bug under attack

Trump administration under scrutiny as it puts major round of CISA cuts on the table

How CISOs approach risk management