darkreading

Company urges organizations using self-hosting GitLab instances to apply updates for CVE-2024-45409 as soon as possible.

Inc ransomware — one of the most popular among cybercriminals today — meets healthcare, the industry sector most targeted by RaaS.

US ports rely on cranes manufactured by a Chinese state-owned company, many with unmonitored cellular connections, causing cybersecurity concerns.

The first patch lets threat actors with low-level credentials still exploit the vulnerability, while the second fully resolves the flaw.

Once a user's device is infected as part of an ongoing Flax Typhoon APT campaign, the malware connects it to a botnet called Raptor Train, initiating malicious activity.

By enhancing threat detection, enabling real-time risk assessment, and providing predictive insights, AI is empowering organizations to build more robust defenses against cyber threats.

The Coalition for Secure AI (CoSAI) has expanded its roster of members with the addition of threat intelligence management, collaboration, and response orchestration vendor Cyware.

What happened to KnowBe4 also has happened to many other organizations, and it's still a risk for companies of all sizes due to a sophisticated network of government-sponsored fake employees.

Hackers sent a convincing lure document, but after 20 years of similar attacks, the target organization was well prepared.

By accessing the MSSQL, threat actors gain admin-level access to the application, allowing them to automate their attacks.

Thought to be Brazilian in origin, the remote access Trojan is the "perfect tool for a 21st-century James Bond."

Criminal actors are finding their niche in utilizing QR phishing codes, otherwise known as "quishing," to victimize unsuspecting tourists in Europe and beyond.

The 12-member group will compete at the first all-women's capture-the-flag competition this November at the Kunoichi Cyber Games in Tokyo.

Regulators fine AT&T $13 million for failing to protect customer information held by a third-party vendor, and extend consumer data protections to the cloud.

Despite security updates to protect data, 45% of total enterprise instances of the cloud-based IT management platform leaked PII, internal system details, and active credentials over the past year.

Ultimately, the goal of businesses and cyber insurers alike is to build more resilient IT environments to avoid cyberattacks and the ransom, downtime, and reputation hit that come along with them.

Can cyber defenders use the presence of infostealers as a canary in the coal mine to preempt ransomware attacks?

Increasing attacks by the OilRig/APT34 group linked to Iran's Ministry of Intelligence and Security show that the nation's capabilities are growing, and targeting regional allies and enemies alike.