Matthew Lane pleaded guilty to crimes stemming from attacks on PowerSchool and a U.S. telecom company earlier this year. His sentence is half the amount prosecutors sought…
Cyber authorities issued their second emergency directive in three weeks. This one requires agencies to mitigate or disconnect potentially compromised F5 devices and services.
Traffic along Pennsylvania Avenue streaks by the Department of Justice (DOJ) headquarters building at night with the US Capitol in the background on Jan. 24, 2025, in Washington. (J. David Ake/Getty Images)
The cryptocurrency seizure and sanctions targeting the Prince Group, associates and affiliated businesses mark the most extensive action taken against cybercrime operations in the region to date.
The vendor belatedly admitted the max-severity vulnerability was actively exploited weeks after researchers and officials confirmed as much independently.
The security vendor’s customers have confronted a barrage of actively exploited defects since 2021. The brute-force attack on a company-controlled system underscores broader security pitfalls are afoot.
Multiple researchers and CISA have confirmed active exploitation of the maximum-severity defect. Fortra, the company behind the file-transfer service, remains silent.