darkreading

The Anti-Malware Testing Standards Organization has published a Sandbox Evaluation Framework to set a standard among various sandbox offerings that help protect organizations from rising threats.

Researchers at Kaspersky discovered cyber-espionage activity that used the vulnerability in a one-click phishing attack to deliver malware.

Three cybersecurity firms worked with Interpol and authorities in Nigeria, South Africa, Rwanda, and four other African nations to arrest more than 300 cybercriminals.

The recent report of how Volt Typhoon compromised systems at a water utility highlight security technologies and processes that helped detect the compromise and clean up the network.

The recent report of how Volt Typhoon compromised systems at a water utility highlights security technologies and processes that helped detect the compromise and clean up the network.

Experts say the leakage of US military plans to a reporter this month reflects a severe operational security failure on the part of US leadership.

The company reports that no sensitive information was breached or stolen in the cyber intrusion and that its operations are running normally again.

Though there is no confirmation as to when this extradition will occur, Alexander Moucka agreed to be transferred in writing before a judge.

Strong DLP can be a game-changer — but it can also become a slow-moving, overcomplicated mess if not executed properly.

Raspberry Robin breaks into organizations and sells access to Russian threat actors, including the military cyber unit behind attempted coups, assassinations, and influence operations throughout Europe.

Security experts worry the company's Chapter 11 status and aim to sell its assets could allow threat actors to exploit and misuse the genetic information it collected.

Upgrading from Windows 10 systems to Windows 11 could potentially introduce vulnerabilities into an environment through misconfigured hardware.

New agentic AI capabilities in Microsoft Security Copilot will allow agents to triage threats and provide recommendations.

The group, called FishMonger or Aquatic Panda, is working under contract for the Chinese government to steal data from governmental organizations, Catholic charities, NGOs, think tanks, and more.

The FBI's Denver field office says the tools will convert documents while also dropping malware and scraping users' systems for sensitive data.

More than 40% of all Internet-facing container orchestration clusters are at risk.

The persistent threat actor was caught using sophisticated Web shell techniques against an unnamed telecommunications company in Asia.

Russia and China spend billions of dollars on state media, propaganda, and disinformation, while the Trump administration has slashed funding for US agencies.

FCC chair warns these companies may still be operating in the US because they don't believe that being added to its "Covered List" poses any serious risk.

A threat actor posted data on BreachForums from an alleged supply chain attack that affected more than 140K tenants, claiming to have compromised the cloud via a zero-day flaw in WebLogic, researchers say.