darkreading

The software verification and validation efforts helps NASA improve the safety and cost-effectiveness of its mission-critical software. Cybersecurity is now part of the evaluation.

Identity management sits with IT for good reason, but now that identity is the common denominator in every attack, it's time identity security was owned by a leader with a security background, like the CISO.

Ransomware attacks and email-based fraud account for 80% to 90% of all claims processed by cyber insurers, but a handful of cybersecurity technologies can help prevent big damages.

In a joint advisory, CISA and the FBI described the activity as a likely attempt by the group to monetize access to networks it already has compromised.

The global Internet helps just about everything to scale more easily, including piracy and ad fraud.

Public-facing vulnerabilities, cloud sprawl, access to back-end servers are just a few of the challenges travel and hospitality companies must address.

The vulnerability carries nearly the highest score possible on the CVSS scale, at 9.8, impacting a system used by major companies around the world.

Telecom-based attacks such as SMS toll fraud and 2FA hijacking have evolved into a mainstream concern for CISOs.

The latest release of the Dragos Platform provide industrial and critical infrastructure organizations with complete and enriched view of their OT environment.

The most popular office software suite in China actually has two critical vulnerabilities, which allowed hackers the opportunity for remote code execution. Time to patch.

CISA warned about the RCE zero-day vulnerability in AVTECH IP cameras in early August, and now vulnerable systems are being used to spread malware.

The pivot is one of several changes the groups using the malware have used in recent attacks.

Novel attack vectors leverage the CVE-2023-22527 RCE flaw discovered in January, which is still under active attack, to turn targeted cloud environments into cryptomining networks.

The company has assessed four of the five disclosed vulnerabilities as being of high to critical severity.

The emails impersonate well-known companies in the industry, fooling the victim into thinking they are communicating with a legitimate entity.

With the right processes and tools, organizations can implement advanced AI security frameworks that make hidden risks visible, enabling security teams to track and address them before impact.

LLM automation tools and vector databases can be rife with sensitive data — and vulnerable to pilfering.