darkreading

Cyber ranges are a great way for cyber professionals to keep up on emerging threats and new technologies — while having a little fun.

After launching an investigation in February into vehicles made by foreign adversaries, the Biden administration is finally making its move in the name of national security.

Data discovery and classification are foundational for data security, data governance, and data protection.

The APT group uses spear-phishing and a vulnerability in a geospatial data-sharing server to compromise organizations in Taiwan, Japan, the Philippines, and South Korea.

The FOCAL plan outlines baselines to synchronize cybersecurity priorities and policies across, as well as within, agencies.

The critical bug, CVE-2024-8963, can be used in conjunction with the prior known flaw to achieve remote code execution (RCE).

A North Korean advanced persistent threat (APT) actor (aka Gleaming Pisces) tried to sneak simple backdoors into public software packages.

Critical-rated CVE-2024-20017 allows remote code execution (RCE) on a range of phones and Wi-Fi access points from a variety of OEMs.

The company announced an update to its privacy policy, acknowledging it is using customer data to train its AI models.

The lack of abundant data on AI-enabled attacks in official reports shouldn't prevent us from preparing for and mitigating potential future threats.

How the Kimsuky nation-state group and other threat actors are exploiting poor email security — and what organizations can do to defend themselves.

Mastercard's $2.65 billion deal to acquire the threat intelligence provider will boost the credit-card company's AI-based cybersecurity protection capabilities.

Company urges organizations using self-hosting GitLab instances to apply updates for CVE-2024-45409 as soon as possible.

Inc ransomware — one of the most popular among cybercriminals today — meets healthcare, the industry sector most targeted by RaaS.

US ports rely on cranes manufactured by a Chinese state-owned company, many with unmonitored cellular connections, causing cybersecurity concerns.

The first patch lets threat actors with low-level credentials still exploit the vulnerability, while the second fully resolves the flaw.

Once a user's device is infected as part of an ongoing Flax Typhoon APT campaign, the malware connects it to a botnet called Raptor Train, initiating malicious activity.