darkreading

Improvements in cyber hygiene and resiliency made it possible for victim organizations to skip paying ransom amounts in 2024.

The likely Vietnam-based threat actor has been using two zero-days in VeraCore's warehouse management software in some of its latest cyberattacks.

After claiming responsibility for the ransomware attack in 2024, the "Embargo" ransomware group posted 1.15 terabytes of stolen data to its public Tor site.

The newspaper company expects the investigation to take some time, but said in an SEC filing that it has not yet identified any material impact.

Attackers are smuggling payment card-skimming malicious code into checkout pages on Magento-based e-commerce sites by abusing the Google Tag Manager ad tool.

For too long, we've treated our analysts as mere cogs in a machine, expecting them to conform to the limitations of our tools and processes. It's time to revolutionize security operations.

The secret use of other people's generative AI platforms, wherein hijackers gain unauthorized access to an LLM while someone else foots the bill, is getting quicker and stealthier by the month.

Five years after a Russian APT infiltrated a software update to gain access to thousands of SolarWinds customers, the board has voted unanimously to sell at a top valuation and plans for uninterrupted operations.

Developers are pulling in publicly available ASP.NET keys into their environments, without realizing that cyberattackers can use them for clandestine code injection.

A year after Google and Yahoo started requiring DMARC, the adoption rate of the email authentication specification has doubled; and yet, 87% of domains remain unprotected.

As the cost of data breaches continues to climb, the role of user and entity behavioral analytics (UEBA) has never been more important.

Local law enforcements need to steer away from "place-based policing" when investigating cybercrimes.

Cybereason co-founders launch their second act with a security startup focused on offering a platform that uses agentic AI to offload repetitive tasks commonly performed by security analysts.

OpenAI's latest tech can reason better than its previous models could, but not well enough to ferret out careful social engineering.

While President Trump supported federal space efforts during his first administration, the addition of SpaceX chief Elon Musk to his circle likely means challenges for regulating spacecraft cybersecurity, experts say.

Riding the wave of notoriety from the Chinese company's R1 AT chatbot, attackers are spinning up lookalike sites for different malicious use cases.