darkreading

The new F5 Application Delivery Controller and Security Platform combines BIG-IP, NGNIX, and Distributed Cloud Services, plus new AI gateway and AI assistants.

Mandiant researchers found the routers of several unnamed organizations (likely telcos and ISPs) were hacked by UNC3886, and contained a custom backdoor called "TinyShell."

The National Institute of Standards and Technology (NIST) has released updated differential privacy guidelines for organizations to follow to protect personally identifiable information when sharing data.

A threat actor leveraged the vulnerability in an "extremely sophisticated" attack on targeted iOS users, the company says.

The prolonged attack, which lasted 300+ days, is the first known compromise of the US electric grid by the Voltzite subgroup of the Chinese APT; during it, the APT attempted to exfiltrate critical OT infrastructure data.

In the past, the vulnerability was exploited to drop Mirai botnet malware. Today, it's being used once more for another botnet campaign with its own malware.

To truly become indispensable in the boardroom, CISOs need to meet the dual demands of defending against sophisticated adversaries while leading resilience strategies.

The number of zero-day vulnerabilities getting patched in Microsoft's March update is the company's second-largest ever.

Plankey has served in numerous cybersecurity positions in the past, including during the first Trump presidency from 2018-2020.

A Libya-linked threat actor has resurfaced attacking the Middle East and North Africa, using the same old political phishing tricks to deliver AsyncRAT that have worked for years.

While deregulation may open opportunities for growth and innovation, it also creates new risks that demand a proactive, accountable approach to security.

Analysts weigh in on how democratizing cybersecurity could benefit organizations, particularly SMBs, as threats increase across the landscape.

An email campaign luring users with offers of free President Trump meme coins can lead to computer takeover via the ConnectWise RAT, in less than 2 minutes.

The likely India-based threat group is also targeting logistics companies in a continued expansion of its activities.

The program underwent a series of changes in the past year, including richer maximum rewards in a variety of bug categories.

The South American-based advanced persistent threat group is using an exploit with a "high infection rate," according to research from Check Point.

Clandestine kill switch was designed to lock out other users if the developer's account in the company's Windows Active Directory was ever disabled.

In the battle against two-minute micro-attacks that can knock out critical communication services, the difference between success and failure can literally come down to seconds.

Microsoft has identified a complex, malvertising-based attack chain that delivered Lumma and other infostealers to enterprise and consumer PC users; the campaign is unlikely the last of its kind.

The group is using the Medusa malware and taking up space once held by other notable ransomware groups like LockBot, increasing its victim list to 400 and demanding astoundingly high ransoms.