darkreading

Zscaler's acquisition of SquareX comes as competitors like CrowdStrike and Palo Alto Networks also invest in secure browser technologies.

Threat actors are exploiting security gaps to weaponize Windows drivers and terminate security processes in targeted networks, and there may be no easy fixes in sight.

Espionage groups from China, Russia and other nations burned at least two dozen zero-days in edge devices in attempts to infiltrate defense contractors' networks.

As AI deployments scale and start to include packs of agents autonomously working in concert, organizations face a naturally amplified attack surface.

It's time to phase out the "patch and pray" approach, eliminate needless public interfaces, and enforce authentication controls, one expert says.

The AI-powered product delivers expert-grade malware analysis and reverse engineering in minutes.

Drawing on years of adversary tradecraft, SpecterOps experts work alongside customers to analyze and eliminate attack paths, protect critical assets, and stay ahead of emerging threats.

Men should take extra care on Valentine’s Day because they are nearly twice as likely as women to fall victim to romance scams.

Microsoft uncovered AI recommendation poisoning in 31 companies across 14 industries, and turnkey tools make it trivially easy to pull off.

Green Blood Group steals personal records and biometric data of the West African nation's nearly 20 million residents.

In moving away from traditional banks to focus on Web3 companies, the threat actor is leveraging LLMs, deepfakes, legitimate platforms, and ClickFix.

CISOs should focus on harnessing and securing AI and building new skills among their people. Vision and change management can transform security.

How a platform engineering team embeds supply chain security into infrastructure without slowing developers.

Organizations remain reluctant to address the fact that AI can dangerously expose business operations as well as personal data.

Organizations can improve their climate footprints by optimizing two specific cybersecurity protections, without incurring added risks.

Only Taiwan made the top 10 list of governments, effectively blocking the threat-ridden protocol, but overall, the region lagged in curbing Telnet traffic.

Organizations that have exposed their instances of Web Help Desk to the public Internet have inadvertently made them prime targets for attackers.

With access to SIM, location data, and a preview of recent SMSes, attackers have everything they need for account takeover or targeted social engineering.

Three of those zero-days are security feature bypass flaws, which give attackers a way to slip past built-in protections in multiple Microsoft products.

Ironically, security by obscurity has helped prevent dangerous OT attacks in recent years. It won't be that way forever.