darkreading

Working closely with CISOs, chief financial officers can become key players in protecting their organizations' critical assets and ensuring long-term financial stability.

The Russian-based attack group uses legitimate red-team tools, 200 domain names, and 34 back-end RDP servers, making it harder to identify and block malicious activity.

The cybersecurity startup's data loss protection platform uses contextual redaction to help organizations safely use private business information across AI platforms.

Hackers are abusing legitimate Windows utilities to target Thai law enforcement with a novel malware that is a mix of sophistication and amateurishness.

The cyberattack impacts at least 1.4 million patients, as tranches of highly sensitive personal, medical, and financial data fall into the hands of cyber crooks who have everything they need to carry out convincing social engineering and fraud attacks.

Actions direct agencies to deploy specific security configurations to reduce cyber-risk.

Three vulnerabilities in the service's Apache Airflow integration could have allowed attackers to take shadow administrative control over an enterprise cloud infrastructure, gain access to and exfiltrate data, and deploy malware.

Program designed to validate and sharpen cybersecurity skills for working professionals.

Getting inside the mind of a threat actor can help security pros understand how they operate and what they're looking for — in essence, what makes a soft target.

Arctic Wolf plans to integrate Cylance's endpoint detection and response (EDR) technology into its extended detection and response (XDR) platform.

Artificial intelligence capabilities are coming to a desktop near you — with Microsoft 365 Copilot, Google Gemini with Project Jarvis, and Apple Intelligence all arriving (or having arrived). But what are the risks?

While low-code/no-code tools can speed up application development, sometimes it's worth taking a slower approach for a safer product.

The sector must prioritize comprehensive data protection strategies to safeguard PII in an aggressive threat environment.

A thwarted attack demonstrates that threat actors using yet another delivery method for the malware, which already has been spread using phishing emails, malvertising, hijacking of instant messages, and SEO poisoning.

Defenders running the Cleo managed file transfer are urged to be on the lookout for the Cleopatra backdoor and other indicators of an ongoing ransomware campaign, as patching details remain foggy, and no CVE has been issued.

Businesses deploying large language models and other GenAI systems have a growing collection of open source tools for testing AI security.