-
2 days ago | 
cybersecuritydive.com | David Jones
The breach marks the latest in a series of recent attacks linked to cybercrime group Scattered Spider.
-
6 days ago | 
cybersecuritydive.com | David Jones
Hackers are exploiting a critical vulnerability in Zyxel’s Internet Key Exchange packet decoder, GreyNoise researchers warned on Monday. The vulnerability, tracked as CVE-2023-28771, powered a sudden wave of exploitation attempts Monday, with researchers observing 244 unique IP addresses involved in the activity.
-
1 week ago | 
cybersecuritydive.com | David Jones
Hackers linked to a recent string of attacks on U.K. and U.S. retailers are now targeting the insurance industry, according to Google researchers. The attackers, suspected to be part of the collective known as Scattered Spider, have been targeting the retail industry since April and pivoted toward the insurance industry earlier this month, according to Google. Researchers say there are already multiple confirmed incidents at insurance companies.
-
1 week ago | 
cybersecuritydive.com | David Jones
Security researchers are warning that the outbreak of direct hostilities between Israel and Iran may soon lead to malicious cyberattacks against critical infrastructure sites in the U.S. from state-linked actors, hacktivist groups and cyber criminals. State-backed and hacktivist cyber threats against Israel and the U.S.’s Middle Eastern allies are escalating, according to researchers at Radware. Experts have seen a spike in pro-Iran threat activity on Telegram and other public channels.
-
1 week ago | 
cybersecuritydive.com | David Jones
Government agencies are operating with massive amounts of “security debt” — meaning unresolved vulnerabilities — putting them and the public at increased risk of falling victim to hackers, according to a Veracode report released Wednesday. Roughly 80% of government agencies have software vulnerabilities that have gone unaddressed for at least a year, and roughly 55% of them have long-standing software flaws that place them at even greater risk, the report found.
-
1 week ago | 
cybersecuritydive.com | David Jones
A recently fixed critical vulnerability in Microsoft’s Copilot AI tool could have let a remote attacker steal sensitive data from an organization simply by sending an email, researchers say. The vulnerability, dubbed EchoLeak and assigned the identifier CVE-2025-32711, could have allowed hackers to mount an attack without the target user having to do anything.
-
1 week ago | 
cybersecuritydive.com | David Jones
Marks & Spencer on Tuesday said it has resumed limited online-ordering capabilities after an April cyberattack that led to major disruptions at the U.K. department store chain. The retailer said it can once again accept online orders for standard delivery to England, Wales and Scotland, while delivery to Northern Ireland would take a few more weeks, according to an update on its website.
-
2 weeks ago | 
cybersecuritydive.com | David Jones
Scattered Spider, the collective cyber-threat group suspected in the hacks of multiple retail brands in the United Kingdom, Europe and the U.S., is now targeting managed service providers and IT vendors as part of a sophisticated campaign to infiltrate customers of those companies, according to a report released on Friday from Reliaquest.
-
2 weeks ago | 
cybersecuritydive.com | David Jones
Corporate executives are facing a rise in impersonation-based cyberattacks aimed at gaining access to their home networks and putting them and their families at risk of personal harm, security researchers and other experts warn. The increase in threat activity is connected to the growing sophistication of voice-cloning and deepfake technology, which allows attackers to send out fake videos and messages claiming to be from trusted contacts, such as senior executives at the targets’ companies.
-
2 weeks ago | 
cybersecuritydive.com | David Jones
Hundreds of U.S. water utilities have bolstered the security of their industrial control systems after working with researchers who discovered that their highly sensitive equipment was accessible from the internet. The security firm Censys discovered in late 2024 that nearly 400 human-machine interfaces — which allow workers to control industrial systems in water facilities and other critical infrastructure — were exposed on the internet.
