darkreading

You're only as strong as your weakest security link.

While still under development, the malware contains Turkish-language filenames, can record the screen and keystrokes, and inject custom overlays to steal passwords and sensitive data.

Protections like Windows Smart App Control are useful but susceptible to attacks that allow threat actors initial access to an environment without triggering any alerts.

Everyone expected some kind of cyberattack during the Olympics. If this is the best they've got, the bad guys don't deserve a spot on the podium.

At least two Russian nationals serving prison sentences for cybercrime offenses, Vladislav Klyushin and Roman Seleznev, were released as part of the landmark prisoner swap.

The RaaS group that distributes Hive ransomware delivers new malware impersonating as validly signed network-administration software to gain initial access and persistence on targeted networks

Cybersecurity startup RAD Security, a finalist in this year's Black Hat USA Startup Spotlight competition, looks for "drift events," or events that vary from the baseline.

The AI boom and increasing popularity of quantum computing necessitates quantum-resilient security.

A security vulnerability in Rockwell Automation's ControlLogix 1756 programmable logic controllers, tracked as CVE-2024-6242, could allow tampering with physical processes at plants.

Researchers say "LianSpy" malware has been in use in a covert data gathering operation that's gone undetected for at least three years.

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

In the cloud, patches disseminate automatically. On your computer, you get notified. IoT devices, meanwhile, can escape attention for years on end.

Though TikTok is expected to adhere to certain COPPA-outlined measures, the social media giant has failed to meet those expectations, the Feds allege.

The enterprise resource planning platform bug CVE-2024-38856 has a vulnerability-severity score of 9.8 out of 10 on the CVSS scale and offers a wide avenue into enterprise applications for cyberattackers.

The APT used DNS poisoning to install the Macma backdoor on targeted networks and then deliver malware to steal data via post-exploitation activity.

Cybersecurity startup Knostic, a finalist in this year's Black Hat USA Startup Spotlight competition, adds guardrails to how AI uses enterprise data to ensure sensitive data doesn't get leaked.