Threats
FCC launches national security unit to counter state-linked threats to US telecoms
The new council is part of an effort to thwart Salt Typhoon and other cyber espionage groups.
By David Jones • March 13, 2025 -
Medusa ransomware slams critical infrastructure organizations
The ransomware-as-a-service gang tallied more than 300 victims in industries such as healthcare, manufacturing and technology.
By Rob Wright • March 13, 2025 -
Juniper MX routers targeted by China-nexus threat group using custom backdoors
The devices have reached end-of-life status and need to be upgraded, as the company stated in a security advisory.
By David Jones • March 12, 2025 -
Emerging botnet exploits TP-Link router flaw posing risk to US organizations
Ballista’s attacks on TP-Link devices come as U.S. lawmakers consider banning the company's products over suspected links to China.
By Elizabeth Montalbano, Contributing Reporter • March 12, 2025 -
82% of K-12 schools recently experienced a cyber incident
Cybercriminals are increasingly targeting school networks through phishing and social engineering, a cybersecurity nonprofit reported.
By Anna Merod • March 12, 2025 -
Former NSA cyber director warns drastic job cuts threaten national security
Rob Joyce told lawmakers mass layoffs of federal workers will hurt the ability of the U.S. to combat malicious cyber activity from China and other adversaries.
By David Jones • March 10, 2025 -
Cobalt Strike takedown effort cuts cracked versions by 80%
Fortra, Microsoft and Health-ISAC partnership reduced unauthorized copies of red team tool over the last two years.
By Rob Wright • March 7, 2025 -
Eleven11bot estimates revised downward as researchers point to Mirai variant
The botnet has been involved in DDoS activity targeting telecom companies and gaming platforms.
By David Jones • March 7, 2025 -
More than 86K IoT devices compromised by fast-growing Eleven11 botnet
The Iran-linked botnet has a large presence in the U.S. and is targeting telecom and other firms with DDoS attacks.
By David Jones • March 4, 2025 -
Massive Iran-linked botnet launches DDoS attacks against telecom, gaming platforms
Researchers from Nokia Deepfield and GreyNoise warn the botnet has grown to more than 30,000 devices.
By David Jones • March 3, 2025 -
Critical infrastructure at state, local levels at heightened risk of cyberattacks
State and local governments need additional resources, shared intelligence and coordination, an MS-ISAC report showed.
By David Jones • Feb. 28, 2025 -
State-linked threat groups collaborating with hacktivists, other actors to target infrastructure
Rogue state actors are increasingly outsourcing their intel and hacking tools to attack key industries, a report by Dragos shows.
By David Jones • Feb. 26, 2025 -
Microsoft Power Pages vulnerability exploited in the wild
The high-severity privilege escalation flaw in Microsoft's website building application was disclosed and patched last week.
By Rob Wright • Feb. 24, 2025 -
Cisco: Salt Typhoon used new custom malware in telecom attacks
The China-backed hackers used compromised credentials to gain initial access to Cisco devices.
By Rob Wright • Updated Feb. 21, 2025 -
US authorities warn Ghost ransomware leverages older CVEs
The China-linked threat group has targeted critical infrastructure providers in more than 70 countries.
By David Jones • Feb. 20, 2025 -
Proof-of-concept exploit released for 4 Ivanti vulnerabilities
Critical flaws in Ivanti Endpoint Manager were initially disclosed and patched last month.
By Rob Wright • Updated Feb. 20, 2025 -
Ransomware gangs shifting tactics to evade enterprise defenses
Threat actors adapted to improved threat detection, law enforcement actions, new Huntress research finds.
By Rob Wright • Feb. 12, 2025 -
Microsoft warns 3K exposed ASP.NET machine keys at risk of weaponization
An unknown threat actor recently used an exposed key for code injection cyberattacks.
By Rob Wright • Feb. 7, 2025 -
Suspected botnet targets edge devices using brute force attacks
Researchers warn of a surge in attempted logins targeting devices from SonicWall, Palo Alto Networks and others.
By David Jones • Feb. 7, 2025 -
Hackers deployed web shells, exploited public-facing applications in Q4
A Cisco Talos report also indicated a sharp increase in remote access tools being leveraged in ransomware.
By David Jones • Feb. 6, 2025 -
State-linked hackers deploy macOS malware in fake job interview campaign
Actors linked to North Korea bypassed Apple security using malware called FlexibleFerret.
By Robert Wright, Contributing Reporter • Feb. 4, 2025 -
HPE probes hacker claim involving trove of sensitive company data
The vendor said it has no immediate evidence of operational impacts or compromised customer data.
By David Jones • Jan. 21, 2025 -
Treasury Department issues sanctions linked to cyber intrusions, telecom attacks
The Office of Foreign Assets Control took measures against a state-linked hacker and a Shanghai-based cybersecurity firm in response to the recent attacks against critical infrastructure in the U.S.
By David Jones • Jan. 21, 2025 -
Blue Yonder investigating Clop ransomware threat linked to exploited Cleo CVEs
The financially motivated hacker was previously linked to the mass exploitation of critical vulnerabilities in MOVEit file-transfer software.
By David Jones • Jan. 17, 2025 -
Cyberattacks, tech disruption rank as top threats to business growth
Two in five executives view data breaches and leaks as the most financially burdensome man-made threats, a Chubb study found.
By Alexei Alexis • Jan. 10, 2025