darkreading

Positioning security leaders as more than risk managers turns them into business enablers, trusted advisers, and, eventually, integral members of the C-suite.

Attackers post links to fake websites on LinkedIn to ask people to complete malicious CAPTCHA challenges that install malware.

The General Services Administration is planning to use automation to speed up the process of determining which cloud services federal agencies are allowed to buy.

Based on the open source NGINX Web server, the malicious tool allows threat actors to steal user credentials and session tokens.

Evidence suggests an attacker gained access to the company's cloud infrastructure environment, but Oracle insists that didn't happen.

The attack hit the Kuala Lumpur airport over the weekend, and it remains unclear who the threat actors are and what kind of information they may have stolen.

Digital transformation has revolutionized industries with critical infrastructure — but it has also introduced new vulnerabilities.

The Islamic Republic is keeping its enemies close and its friends closer, with espionage attacks aimed at nearby neighbors.

Dark Reading Confidential Episode 5: Christofer Hoff, chief secure technology officer at LastPass, shares the human side of the story of how he led his team through a major cyber incident and built from the ground up a security team and security culture.

State and federal security experts weighed in on the impact that budgetary and personnel cuts to CISA will have on election security as a whole.

The artificial intelligence research company previously had its maximum payout set at $20,000 before exponentially raising the reward.

The union received a spoofed email that led to the loss of $6.4 million, much of it transferred to other accounts or to a cryptocurrency exchange.

University security operations centers that hire and train students are a boon to state and local governments while giving much-needed Tier 1 cybersecurity training to undergraduates.

Popularity of the generative AI platform makes it an obvious choice for cybercriminals abusing Google-sponsored search results, according to researchers.

Attackers aren't just spending more time targeting the cloud — they're ruthlessly stealing more sensitive data and accessing more critical systems than ever before.

Hunt quickly took to his blog to notify the public of the breach and provide further details on how this could have happened.