darkreading

The money-transfer company is going on day four of its services being suspended.

A sound cyber-risk management strategy analyzes all the business impacts that may stem from an attack and estimates the related costs of mitigation versus the costs of not taking action.

The latest version of the evolving threat is a multistage attack demonstrating a move away from ransomware to purely espionage activities, typically targeting Ukraine and its supporters.

The group has used more than 30 custom tools to target high-value government and telecommunications organizations on behalf of Iranian intelligence services, researchers say.

The company has jettisoned hundreds of thousands of unused apps and millions of unused tenants as part of its Secure Future Initiative.

Some users complain they had no idea the switch would be automatic on their devices, vowing to uninstall the unwanted antivirus software.

The $2.65B buy validates the growing importance of threat intelligence to enterprise security strategies.

Cyber ranges are a great way for cyber professionals to keep up on emerging threats and new technologies — while having a little fun.

After launching an investigation in February into vehicles made by foreign adversaries, the Biden administration is finally making its move in the name of national security.

Data discovery and classification are foundational for data security, data governance, and data protection.

The APT group uses spear-phishing and a vulnerability in a geospatial data-sharing server to compromise organizations in Taiwan, Japan, the Philippines, and South Korea.

The FOCAL plan outlines baselines to synchronize cybersecurity priorities and policies across, as well as within, agencies.

The critical bug, CVE-2024-8963, can be used in conjunction with the prior known flaw to achieve remote code execution (RCE).

A North Korean advanced persistent threat (APT) actor (aka Gleaming Pisces) tried to sneak simple backdoors into public software packages.

Critical-rated CVE-2024-20017 allows remote code execution (RCE) on a range of phones and Wi-Fi access points from a variety of OEMs.

The company announced an update to its privacy policy, acknowledging it is using customer data to train its AI models.

The lack of abundant data on AI-enabled attacks in official reports shouldn't prevent us from preparing for and mitigating potential future threats.

How the Kimsuky nation-state group and other threat actors are exploiting poor email security — and what organizations can do to defend themselves.

Mastercard's $2.65 billion deal to acquire the threat intelligence provider will boost the credit-card company's AI-based cybersecurity protection capabilities.