darkreading

Institutionalizing and sustaining fundamental cybersecurity practices requires a commitment to ongoing vigilance, active management, and a comprehensive understanding of evolving threats.

The Open-Source Software Prevalence Initiative, announced at DEF CON, will examine how open source software is used in critical infrastructure.

Teams designed AI systems to secure open source infrastructure software to be used in industries like financial services, utilities, and healthcare. Each finalist was awarded a $2 million prize.

Inconsistencies and lack of information in cybersecurity disclosures highlight the need for organizations to establish a robust materiality assessment framework.

The attack affects organizations that have synced multiple on-premises Active Directory domains to a single Azure tenant.

The vulnerability was given a high-severity CVSS score, indicating that customers should act swiftly to mitigate the flaw.

The threat group tracked as APT42 remains on the warpath with various phishing and other social engineering campaigns, as tensions with Israel rise.

Though WormGPT tools may not be a major problem now, organizations can't let their guard down.

Brain Cipher made a loud entry to the ransomware scene, but it doesn't seem to be quite as sophisticated as its accomplishment would suggest.

The likely China-linked campaign is deploying CloudSorcerer and other proprietary binaries belonging to known state-sponsored groups, showing how advanced persistent threat groups often collaborate with each other.

According to the researchers, roughly 250 fake advertisements appeared on platforms like Facebook and Instagram, and some are reportedly still up and running.

Cloud services and thus millions of end users who access them could have been affected by the poisoning of artifacts in the development workflow of open source projects.