darkreading

Chinese APTs lurked in Canadian government networks for five years — and that's just one among a whole host of threats from Chinese bad actors.

The prominent state-sponsored advanced persistent threat (APT), aka Jumpy Pisces, appears to be moving away from its primary cyber-espionage motives and toward wreaking widespread disruption and damage.

Application security teams from Fortune 500 companies are already using Noma's life cycle platform, which offers organizations data and AI supply chain security, AI security posture management, and AI threat detection and response.

Knee-jerk reactions to major vendor outages could do more harm than good.

On the heels of a Chinese APT eavesdropping on phone calls made by Trump and Harris campaign staffers, Beijing says foreign nations have mounted an extensive seafaring espionage effort.

Despite the absence of laws specifically covering AI-based attacks, regulators can use existing rules around fraud and deceptive business practices.

The company's data loss prevention platform helps customers identify and classify data across SaaS and GenAI applications, endpoints, and email.

A national security memorandum on artificial intelligence tasks various federal agencies with securing the AI supply chain from potential cyberattacks and disseminating timely threat information about them.

The Russian-backed group is using a novel access vector to harvest victim data and compromise devices in a large-scale intelligence-gathering operation.

In a vengeful move against the happiest place on Earth, the former employee allegedly used his old credentials to make potentially deadly changes.

With a lack of cybersecurity awareness training resources for all employees, organizations are more susceptible to being breached or falling short when it comes to preventing threats.

A new variant of the sophisticated attacker tool gives cybercriminals even more control over victim devices to conduct various malicious activities, including fraud and cyber espionage.

Outages are inevitable. Our focus should be on minimizing their scope, addressing underlying causes, and understanding that protecting systems is about keeping bad actors out while maintaining stability and reliability.

Using a malicious Chrome extension, researchers showed how an attacker could use a now-fixed bug to inject custom code into a victim's Opera browser to exploit special and powerful APIs, used by developers and typically saved for only the most trusted sites.