darkreading

The US military and law enforcement learned to outthink insurgents. It's time for cybersecurity to learn to outsmart and outmaneuver threat actors with the same framework.

Attackers target a familiar industry, law professionals, by hiding the infostealer in ads delivered via Google-based malvertising.

Transportation facilities and networks slowly adapt to changes and threats, leaving them vulnerable to agile cyberattackers, as demonstrated by the $10 million ransomware attack.

The new Google Workspace features will make it easier for enterprise customers to implement end-to-end encryption within Gmail.

A successful enterprise security defense requires a successful endpoint security effort. With options ranging from EDR, SIEM, SOAR, and more, how do security teams cut through the clutter and focus on what matters?

Over the past few weeks, bad actors from different regions have been scanning devices with the VPN for potential vulnerabilities.

In this roundtable, cybersecurity experts — including two former CISA executives — weigh in on alternate sources for threat intel, incident response, and other essential cybersecurity services.

The bill will allow Japan to implement safeguards and strategies that have been in use by other countries for some time.

The security vendor counters that none of the information came directly from its systems but rather was acquired over a period of time by targeting individuals.

Tenable released details of a Google Cloud Run flaw that prior to remediation allowed a threat actor to escalate privileges.

The FDA's regulations and guidance aim to strike a balance between ensuring rigorous oversight and enabling manufacturers to act swiftly when vulnerabilities are discovered.

A continuation of the North Korean nation-state threat's campaign against employment seekers uses the social engineering attack to target CeFi organizations with the GolangGhost backdoor.

Although Oracle has denied its cloud infrastructure services were breached, security experts recommend Oracle customers independently verify if they were affected and take measures to reduce exposure to potential fallout.

Next-level malware represents a new era of malicious code developed specifically to get around modern security software like digital forensics tools and EDR, new research warns.

New research from Specops Software shows attackers successfully attack and gain access to RDP with the most basic passwords.

The department was able to trace the stolen funds to three main cryptocurrency accounts after being routed through a series of other platforms.

Threat actors are exploiting a vulnerability in Ivanti Connect Secure first disclosed by the vendor in January.

The cybersecurity artificial intelligence (AI) model and agent will help organizations improve threat detection and incident response.

Positioning security leaders as more than risk managers turns them into business enablers, trusted advisers, and, eventually, integral members of the C-suite.

Attackers post links to fake websites on LinkedIn to ask people to complete malicious CAPTCHA challenges that install malware.