darkreading

The disclosure of CVE-2024-28987 means that, in two weeks, there have been two critical bugs and corresponding patches for SolarWinds' less-often-discussed IT help desk software.

Ticket scams are costing football fans close to £200 a season, on average, according to a report.

Collaboration with security teams, making cybersecurity a core principle of business strategy, and investing in defenses better position organizations to thwart threats and ensure business continuity.

The malware builds on a near-field communication tool in combination with phishing and social engineering to steal cash.

The guidance is part of a coordinated, global effort to eradicate living-off-the-land techniques used against critical infrastructure.

Ironically, Macs' lower risk profile may make them more susceptible to any given threat than the average Windows or Linux system.

New Chrome release set to roll out over the next few days addresses 38 security issues in the browser.

A prompt injection flaw in the AI feature of the workforce collaboration suite makes malicious queries of data sources appear legitimate.

In the next year, more than 35,000 applications will move to end-of-life status. To manage risk effectively, we need to plan ahead.

Analysts have been picking up increased cases of malware delivery via Windows Installer files in Southeast Asia.

There is no such thing as a silver bullet in cybersecurity. No, not even multifactor authentication.

The technologies listed in Gartner's 2024 Hype Cycle for Emerging Technologies fall into four key areas: autonomous AI, developer productivity, total experience, and human-centric security and privacy programs.

An individual in Turkey is behind a new information stealer that researchers have recently observed in multiple attacks.

A Kentucky man used stolen doctor credentials to fake his own death certificate to avoid paying a six-figure child support debt.

It's unclear who the "Msupedge" threat actors were or what the motive for the attack was.

It might still sound far-fetched to say AI can develop critical thinking skills and help us make decisions in the cybersecurity industry. But we're not far off.

A server-side request forgery (SSRF) bug in Microsoft's tool for creating custom AI chatbots potentially exposed info across multiple tenants within cloud environments.

CodeBreaker technique can create code samples that poison the output of code-completing large language models, resulting in vulnerable — and undetectable — code suggestions.

Two congressmen want the US Commerce Department to examine the company's goods and decide if they pose a threat.