darkreading

The latest banking Trojan campaign to hit Brazil combines classic malware with a real-time human operator, waiting for the perfect moment to strike.

Organizations have to prepare to ensure they have cryptography in place in the post-quantum world.

Iranian APTs have long pretended to be cybercriminal groups. Now they're working with actual cybercriminal groups.

Rescinded sanctions and reactivated contracts have created confusion about the Trump administration's spyware policy and where it draws the line.

StrongDM, which injects ephemeral, real-time credentials into developer workflows, will enable Delinea to offer privilege access management across cloud, SaaS, Kubernetes, and database environments.

The Iranian cyberattack on Stryker is the kind of stress test that business continuity and disaster recovery programs often do not plan for.

In this edition of "Reporters' Notebook," we discuss cyberattackers targeting the Milan-Cortina Winter Games, adding them to a long list of global sporting events in the crosshairs. Though the attack surface is grander, there are key incident-response takeaways for regular enterprises, too.

The real front line of American cybersecurity is a bidding war on eBay for 30-year-old industrial controllers.

Government agencies, emergency clinics, and others in Australia, New Zealand, and Tonga have had serious run-ins with the prolific ransomware outfit.

Attackers operated an active C2 implant for up to a week and compromised AppSec vendor Xygeni's xygeni/xygeni-action in that time.

Two attacks on Qatari entities signal a shift in focus for China-backed actors and demonstrate how quickly they can pivot in response to geopolitical events.

Data centers — used by both governments and militaries for operations — are now fair game, not just for cyberattacks, but for kinetic attacks as well.

For a change, there's little in this month's Patch Tuesday that should cause panic, according to security experts.

Some customers have mishandled guest user configurations otherwise intended to allow third-party access to important — and sensitive — client data.

After several years of using simple implants, the Russia-affiliated actor is back with two new sophisticated malware tools.

A campaign by Russian-speaking cyberattackers hijacks workflows to deliver security-busting malware, allowing attackers to steal data without detection.

In a seven-page strategy document, the Trump administration signaled a shift to preemption and deterrence to handling cyber threats.

A fresh cyberattack campaign blends malvertising with a ClickFix-style technique that highlights risky behavior with AI coding assistants and command-line interfaces.

With the rapid innovations in AI, we are entering an exciting era of automated risk remediation. Learn about security team readiness to leverage agentic AI for threat and exposure management.

An undefined Chinese-speaking actor wields a combo of custom malware, open source tools, and LOTL binaries against Windows and Linux, likely for spying.