darkreading

By nurturing a security-centric work culture that involves everybody, organizations can overcome challenges with greater agility and confidence.

Maksim Silnikau and his associates are accused of developing and distributing notorious ransomware strains such as Reveton and Ransom Cartel, among other criminal acts.

Security experts welcome the long-anticipated publication of the first post-quantum cryptographic standards as a significant milestone.

The threat group is disrupting healthcare organizations. Victims can help themselves, though, even after compromise, by being careful in the decryption process.

The Democratic National Convention soon to take place in Chicago, already under heavy security, faces an additional threat in the form of stolen credentials for delegates.

While there are smart people and good leaders in other fields, we need to cultivate and grow leaders from the existing cybersecurity workforce, too.

Australia's Evolution Mining said its IT systems were infected with ransomware in an Aug. 8 cyber incident.

Attackers are already actively exploiting six of the bugs and four others are public, including one for which Microsoft has no patch yet.

The new standards are designed for two tasks: general encryption and digital signatures.

Cash may be king, but law enforcement keeps track of who spends it, especially when it's in the six-figure range.

The CVSS 9.8 authentication bypass in Ivanti's traffic manager admin panel already has a proof-of-concept (PoC) exploit lurking in the wild.

Privilege escalation flaws in the healthcare chatbot platform could have allowed unauthorized cross-tenant access and management of other customers’ resources.

Earth Baku, yet another subgroup of the highly active and increasingly sophisticated collective, is moving into EMEA with new malware and living-off-the-land (LotL) tactics.

Computer infrastructure in the US, UK, and Germany associated with the cybercriminal group, which targeted SMBs using double extortion, is officially out of commission.

AI's proficiency at creating software code won't put developers out of a job, but the job will change to one focused on security, collaboration, and "mentoring" AI models.

The Defense Advanced Research Projects Agency launches TRACTOR program to work with university and industry researchers on creating a translation system that can turn C code into secure, idiomatic Rust code.

CrowdStrike's president and CEO were both at Black Hat and DEF CON to face direct questions from customers and cybersecurity professionals.

The treaty would allow any country to request technology firms to aid in cybercrime investigations and preserve data about their users — potentially imperiling penetration testers and security researchers, among others.

The vulnerability has been around for nearly 20 years and gives sophisticated attackers a way to bury virtually undetectable bootkits on devices with EPYC and Ryzen microprocessors.

More than 100 Ukrainian government devices have been affected by the threat that is being tracked as UAC-0198.