darkreading

Until September 2024, the encrypted messaging service acceded to 14 requests for user data from the US; that number jumped to 900 after its CEO was detained by French authorities in August.

The sprawling social media and gaming platform says that being considered a Chinese military business must be a mistake.

The breach was carried out by exploiting CVE-2024-12356 in BeyondTrust cybersecurity company, just last week.

The malware, found on a Russian cybercriminal site, impersonates e-commerce payment-processing services such as Stripe to steal user payment data from legitimate websites.

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 gift card.

We can't put defense on hold until Inauguration Day.

The deal adds Phylum's technology for malicious package analysis, detection, and mitigation to Veracode's software composition analysis portfolio.

Cybersecurity industry visionary and renowned executive Amit Yoran has passed away after an almost one-year battle with cancer.

These latest attacks follow a long string of cyberattacks and breaches targeting US and global telecom and ISP companies.

A fake Telegram Premium app delivers information-stealing malware, in a prime example of the rising threat of adversaries leveraging everyday applications, researchers say.

The malware, operated by China-backed cyberattackers, has been significantly fortified with new evasive and post-infection capabilities.

New security regulations are more than compliance hurdles — they're opportunities to build better products, restore trust, and lead the next chapter of innovation.

In just two years, LLMs have become standard for developers — and non-developers — to generate code, but companies still need to improve security processes to reduce software vulnerabilities.

Weeks after the critical vulnerability was reported and a hacking of the Treasury Department, nearly 9,000 BeyondTrust instances remain wide open to the Internet, researchers say -- though it's impossible to tell how many are still vulnerable.

Healthcare organizations of all shapes and sizes will be held to a stricter standard of cybersecurity starting in 2025 with new proposed rules, but not all have the budget for it.

Integrity Technology Group was found complicit with Flax Typhoon as part of a broader Chinese strategy to infiltrate the IT systems of US critical infrastructure.

The proposed settlement would amount to roughly $20 per Apple product that has Siri enabled, for each plaintiff.

The growing complexity of cyber threats, paired with limited resources, makes it essential for companies to adopt a more comprehensive approach that combines human vigilance with AI's capabilities.

The Christmas Eve compromise of data-security firm Cyberhaven's Chrome extension spotlights the challenges in shoring up third-party software supply chains.

Changes to the healthcare privacy regulation, including technical controls for network segmentation, multifactor authentication, and encryption, would strengthen cybersecurity protections for electronic health information and address evolving threats against healthcare entities.