darkreading

The phishing operation is using Telegram groups to sell a phishing-as-a-service kit with customer service, a mascot, and infrastructure that requires little technical knowledge to install.

Researchers are using quantum computers to generate keys that are truly random to strengthen data encryption.

Researchers at Oasis Security say the problem has to do with OneDrive File Picker having overly broad permissions.

Among the recommendations, organizations should conduct thorough testing and manage costs, which can be hefty, before implementing the platforms.

Harnessing AI's full transformative potential safely and securely requires more than an incremental enhancement of existing cybersecurity practices. A Secure by Design approach represents the best path forward.

Customers in parts of Wisconsin and Michigan could not make calls or send text messages for nearly a week after an incident on May 14, and service is still intermittent in some areas.

The latest cybersecurity awareness campaign asks users to pause for nine seconds before clicking — but this approach misplaces responsibility and ignores the real problems of system design.

Dark Reading is offering its readers the opportunity to tell us how we're doing via a new survey.

The region offers attractive conditions: a large pool of tech workers, economic disparity, and weak enforcement of cybercrime laws — all of which attract businesses legitimate and shady.

The acquisition, expected to close in August, will bring together Red Canary's extensive integration ecosystem with Zscaler's cloud transaction data to deliver an AI-powered security operations platform.

Though Adidas said that no payment or financial information was affected in the breach, individuals who contacted the compamy's customer service help desk were impacted.

A threat actor has gained access to Microsoft 365 environments of a small number of customers of Commvault's Metallic service.

DragonForce, a ransomware "cartel" that has gained significant popularity since its debut in 2023, attacked an MSP as part of a recent supply chain attack, via known SimpleHelp bugs.

The attack dirsupted MathWorks' systems and online applications, but it remains unclear which ransomware group targeted the software company and whether they stole any data.

The non-ransomware extortion group has switched up tactics and victimology in a deliberate and focused campaign similar to those of other attackers focused on stealing sensitive data.

Once dismissed as Internet miscreants in hoodies, ethical hackers have hit the big time, earning millions from blue-chip firms. And they say it's their diverse backgrounds that make them top-tier bug hunters.

A multiyear investigation by a public-private partnership has resulted in the seizure of the botnet's US-based infrastructure and indictments for its key players, significantly disrupting a vast cybercriminal enterprise.

Organizations need to broaden their strategy to manage vulnerabilities more effectively and strengthen network cyber resilience.

Encryption, collaboration, and AI can help organizations build up essential protection against ransomware.

By automating security policies and threat detection while coaching users on data protection, companies will be better able to take control of and protect their data.