darkreading

Researchers from Symantec showed how OpenAI's Operator agent, currently in research preview, can be used to construct a basic phishing attack from start to finish.

Following increasing attacks on healthcare organizations, the United Arab Emirates has refined its regulatory strategy for improving cybersecurity in healthcare.

The new F5 Application Delivery Controller and Security Platform combines BIG-IP, NGNIX, and Distributed Cloud Services, plus new AI gateway and AI assistants.

Mandiant researchers found the routers of several unnamed organizations (likely telcos and ISPs) were hacked by UNC3886, and contained a custom backdoor called "TinyShell."

The National Institute of Standards and Technology (NIST) has released updated differential privacy guidelines for organizations to follow to protect personally identifiable information when sharing data.

A threat actor leveraged the vulnerability in an "extremely sophisticated" attack on targeted iOS users, the company says.

The prolonged attack, which lasted 300+ days, is the first known compromise of the US electric grid by the Voltzite subgroup of the Chinese APT; during it, the APT attempted to exfiltrate critical OT infrastructure data.

In the past, the vulnerability was exploited to drop Mirai botnet malware. Today, it's being used once more for another botnet campaign with its own malware.

To truly become indispensable in the boardroom, CISOs need to meet the dual demands of defending against sophisticated adversaries while leading resilience strategies.

The number of zero-day vulnerabilities getting patched in Microsoft's March update is the company's second-largest ever.

Plankey has served in numerous cybersecurity positions in the past, including during the first Trump presidency from 2018-2020.

A Libya-linked threat actor has resurfaced attacking the Middle East and North Africa, using the same old political phishing tricks to deliver AsyncRAT that have worked for years.

While deregulation may open opportunities for growth and innovation, it also creates new risks that demand a proactive, accountable approach to security.

Analysts weigh in on how democratizing cybersecurity could benefit organizations, particularly SMBs, as threats increase across the landscape.

An email campaign luring users with offers of free President Trump meme coins can lead to computer takeover via the ConnectWise RAT, in less than 2 minutes.

The likely India-based threat group is also targeting logistics companies in a continued expansion of its activities.

The program underwent a series of changes in the past year, including richer maximum rewards in a variety of bug categories.

The South American-based advanced persistent threat group is using an exploit with a "high infection rate," according to research from Check Point.

Clandestine kill switch was designed to lock out other users if the developer's account in the company's Windows Active Directory was ever disabled.

In the battle against two-minute micro-attacks that can knock out critical communication services, the difference between success and failure can literally come down to seconds.