darkreading

Noodlophile is targeting enterprises in spear-phishing attacks using copyright claims as phishing lures.

The HR giant said hackers mounted a socially engineered cyberattack on its third-party CRM system but did not gain access to customer information; only "commonly available" business contact info was exposed.

A more unified and behavior-aware approach to detection can significantly improve security outcomes.

A good chunk of all websites today have been affected by the biggest DDoS risk on the Web since 2023.

The vast majority of companies are using more than one cloud platform, yet struggle to establish and monitor security across different environments giving attackers an opening.

The new Quantum-Safe 360 Alliance will provide road maps, technology, and services to help organizations navigate the post-quantum cryptography transition before the 2030 deadline.

While several cybercrime groups have embraced "EDR killers," researchers say the deep knowledge and technical skills demonstrated by Crypto24 signify a dangerous escalation.

The UK telco said it temporarily took some systems offline as a "protective" measure in its investigation.

Cybersecurity-focused leadership delivers better products and business outcomes.

Water and wastewater systems have become a favored target of nation-state actors, drawing increasing scrutiny following attacks on systems in multiple countries.

You probably can't break FIDO authentication. Still, researchers have shown that there are ways to get around it.

Federal funding cuts to the Multi-State Information Sharing and Analysis Center (MS-ISAC) are about to leave more than 18,000 state and local organizations without access to basic cybersecurity resources they need to protect US national security, a letter sent to Congressional appropriators warns.

Organizations increasingly use agents to automate mundane tasks and address an overwhelming amount of sensitive data. However, adoption requires strict security strategies that keep humans in the loop for now.

In this Dark Reading News Desk interview, Google's Mark Berschadski highlights the critical role browsers play in today's work environment and how Chrome Enterprise is evolving to meet modern security challenges while enabling productivity.

Cybercriminals are auctioning off live email credentials, giving other criminals access to sensitive systems, confidential intelligence, and, potentially, a higher success rate than ever.

The US National Institute of Standards and Technology updated its Digital Identity Guidelines to match current threats. The document detailed technical recommendations as well as suggestions for organizations.

Two critical N-able vulnerabilities enable local code execution and command injection; they require authentication to exploit, suggesting they wouldn't be seen at the beginning of an exploit chain.

Security budgets are lowest in healthcare, professional and business services, retail, and hospitality, but budget growth remained above 5% in financial services, insurance, and tech.