NEW

Security news and analysis brought to you by the McCrary Institute

| READ MORE →

Attackers hit security device defects hard in 2024

(Image by Stefan Coders from Pixabay)

By Matt Kapko • Apr 27, 2025

Attackers are having a field day with software defects in security devices, according to a new report released Wednesday by Mandiant.

Exploits were the most common initial infection vector, representing 1 of every 3 attacks in 2024, and the four most frequently exploited vulnerabilities were all contained in edge devices, such as VPNs, firewalls and routers, Mandiant said in its M-Trends report released Wednesday.

“Exploitation of these vulnerabilities represented slightly less than half of all observed vulnerability exploitation,” said Kirstie Failey, principal threat analyst at Google Threat Intelligence Group, under which the Mandiant brand operates.

Read more at CyberScoop

Read More

Spain and Portugal hit by major power outage, halting trains and flights and wiping out traffic lights

News | Energy

Spain and Portugal hit by major power outage, halting trains and flights and wiping out traffic lights

CNN • Apr 28, 2025

Murder charges filed against suspect in ramming attack on Vancouver street festival that killed 11

News | Commercial

Murder charges filed against suspect in ramming attack on Vancouver street festival that killed 11

The Associated Press • Apr 27, 2025

Kubernetes pods are inheriting too many permissions

News

Kubernetes pods are inheriting too many permissions

Dark Reading • Apr 27, 2025

How the GCC is strengthening its cyber resilience in the digital age

News | Government

How the GCC is strengthening its cyber resilience in the digital age

World Economic Forum • Apr 27, 2025

Verizon's DBIR reveals 34% jump in vulnerability exploitation

News

Verizon's DBIR reveals 34% jump in vulnerability exploitation

Infosecurity Magazine • Apr 27, 2025

Attackers hit security device defects hard in 2024

News | Information Technology

Attackers hit security device defects hard in 2024

CyberScoop • Apr 27, 2025

News | Financial

Financial malware on the rise as espionage attacks decline

SC Media • Apr 27, 2025

News | Water

Energy | Transportation | Water

CISA flags critical ICS vulnerabilities in Siemens, Schneider Electric, ABB equipment affecting critical sectors

Industrial Cyber • Apr 27, 2025

News

Cisco confirms some products impacted by critical Erlang/OTP flaw

Security Week • Apr 27, 2025

News | Information Technology

ASUS releases fix for AMI bug that lets hackers brick servers

Bleeping Computer • Apr 27, 2025