darkreading

The rate of compensation gains has slowed from the COVID years, and budgets remain largely static due to economic fears, but CISOs are increasingly gaining executive status and responsibilities.

The software company, which specializes in remote IT management, said a "sophisticated nation state actor" was behind the attack but provided few details.

In addition to Coca-Cola, entities in Abu Dhabi, Jordan, Namibia, South Africa, and Switzerland are experiencing extortion attacks, all involving stolen SAP SuccessFactor data.

At this year's Build developer conference, Microsoft reflected on what the company learned about securing features and writing secure code in the early 2000s.

New guidance includes a list of 10 best practices to protect sensitive data throughout the AI life cycle, as well as tips to address supply chain and data-poisoning risks.

The lingerie retailer isn't revealing much about the security incident it's dealing with but has brought in third-party experts to address the issue.

Thousands of ASUS routers have been infected and are believed to be part of a wide-ranging ORB network affecting devices from Linksys, D-Link, QNAP, and Araknis Network.

The outage reportedly hit 10 commercial customer consoles for SentinelOne's Singularity platform, including Singularity Endpoint, XDR, Cloud Security, Identity, Data Lake, RemoteOps, and more.

Red Canary's MDR portfolio complements Zscaler's purchase last year of Israeli startup Avalor, which automates collection, curation, and enrichment of security data.

APT41, a Chinese state-sponsored threat actor also known as "Double Dragon," used Google Calendar as command-and-control infrastructure during a campaign last fall.

While the botnet may not be completely automated, it uses certain tactics when targeting devices that indicate that it may, at the very least, be semiautomated.

While the leak affected customer data, LexisNexis said in a notification letter that its products and systems were not compromised.

By integrating intelligent network policies, zero-trust principles, and AI-driven insights, enterprises can create a robust defense against the next generation of cyber threats.

The phishing operation is using Telegram groups to sell a phishing-as-a-service kit with customer service, a mascot, and infrastructure that requires little technical knowledge to install.

Researchers are using quantum computers to generate keys that are truly random to strengthen data encryption.

Researchers at Oasis Security say the problem has to do with OneDrive File Picker having overly broad permissions.

Among the recommendations, organizations should conduct thorough testing and manage costs, which can be hefty, before implementing the platforms.

Harnessing AI's full transformative potential safely and securely requires more than an incremental enhancement of existing cybersecurity practices. A Secure by Design approach represents the best path forward.

Customers in parts of Wisconsin and Michigan could not make calls or send text messages for nearly a week after an incident on May 14, and service is still intermittent in some areas.

The latest cybersecurity awareness campaign asks users to pause for nine seconds before clicking — but this approach misplaces responsibility and ignores the real problems of system design.