darkreading

While ushering in "great operational value" for organizations, private 5G networks add yet another layer to CISOs' responsibilities.

Cybercrime response needs more aggressive actions from those seeking to protect victims and pursue criminals.

Sound suggestions on how to tackle four "quiet problems" that often slip through the security cracks.

A vulnerability in the popular Python-based tool for building AI agents and workflows is under active exploitation, allowing for full system compromise, DDoS attacks, and potential loss or theft of sensitive data

Though its operations are running smoothly, the airline warned customers and employees to exercise caution when sharing personal information online.

Unlike typical data-stealing malware, this attack tool targets data specific to corporate and cloud infrastructures in order to execute supply chain attacks.

When security becomes a performance, the fallout isn't just technical. It's organizational.

The threat of wiping files and servers clean gives Anubis affiliates yet another way to leverage ransomware victims who may be hesitant to pay to get their data back, Trend Micro said.

Journalists' Microsoft accounts were breached, which would have given attackers access to emails of staff reporters covering national security, economic policy, and China.

The emerging threat group attacks the supply chain via weaponized repositories posing as legitimate pen-testing suites and other tools that are poisoned with malware.

Third-party risks are increasing dramatically, requiring CISOs to evolve from periodic assessments to continuous monitoring and treating partner vulnerabilities as their own to enhance organizational resilience.

SP 1800-35 offers 19 examples of how to implement zero-trust architecture (ZTA) using off-the-shelf commercial technologies.

A new Cybersecurity and Infrastructure Security Agency (CISA) advisory warned ransomware actors have been actively exploiting a critical SimpleHelp flaw since January.

Researchers discovered a large-scale campaign using the open source penetration-testing framework that has targeted more than 80,000 Microsoft accounts.

This alignment makes a successful CISO, but creating the same sentiment across business leadership creates a culture of commitment and greatly contributes to achieving goals.

These groups suffered three times the cyberattacks as the year previous, with DDoS attacks dominating and vulnerability scans and SQL injection also more common.

Researchers at Aim Security disclosed a Microsoft Copilot vulnerability of critical severity this week that could have enabled sensitive data exfiltration via prompt injection attacks.

New regulations and compliance standards for the Children's Online Privacy Protection Act reflect how much technology has grown since the Federal Trade Commission last updated it in 2013.

A string of threat-actor OpSec failures have yielded unexpected windfalls for security researchers and defenders.

To truly future-proof your cybersecurity approach, it's vital to ensure that your security program is flexible and adaptable to both current and future business demands.