darkreading

Cloudflare Tunnels is just the latest legitimate cloud service that cybercriminals and state-sponsored threat actors are abusing to hide their tracks.

A single barrier prevented attackers from exploiting a critical vulnerability in an enterprise collaboration platform. Now there's a workaround.

At least 17 affiliate groups have used the "DroidBot" Android banking Trojan against 77 financial services companies across Europe, with more to come, researchers warn.

AI-powered tools are making cybersecurity tasks easier to solve, as well as easier for the team to handle.

The emerging threat actor, potentially a Chinese state-sponsored APT, is using the known exploit kit Moonshine in cross-platform attacks that deliver a previously undisclosed backdoor called "DarkNimbus" to ethnic minorities, including Tibetans.

By understanding the unique challenges of protecting IoT and OT devices, organizations can safeguard these critical assets against evolving cyber threats.

Authorities across 19 African countries also dismantled their infrastructure and networks, thanks to cooperation between global law enforcement and private firms.

Individuals concerned about the privacy of their communications should consider using encrypted messaging apps and encrypted voice communications, CISA and FBI officials say.

Parasitic advanced persistent threat (APT) Secret Blizzard accessed another APT's infrastructure, and stole the same kinds of info it targets in South Asian government and military victims.

The vulnerability affects certain versions of the Veeam Service Provider Console that can only be fixed by updating with the latest patch.

The notorious spyware from Israel's NSO Group has been found targeting journalists, government officials, and corporate executives in multiple variants discovered in a threat scan of 2,500 mobile phones.

The evolving regulatory environment presents both challenges and opportunities for businesses.

Proposals from Google and Apple drastically reduce the life cycle of certificates, which should mean more oversight — and hopefully better control.

BCID mitigates the risk of consumers being harmed by fraud and bad actors by vetting to deliver a trusted, branded call experience for consumers.

Organizations that rely on their content delivery network provider for Web application firewall services may be inadvertently leaving themselves open to attack.

A change in ownership and what it means for our readers.