darkreading

There is some disagreement over whether the remote code execution (RCE) security flaws allow for unauthenticated exploitation or not. Citrix says no, but researchers say the company is downplaying a "good old unauthenticated RCE."

The security vulnerability is due to an exposed Microsoft Message Queuing (MSMQ) instance and the use of the insecure BinaryFormatter.

CISA should make its recommended goals mandatory and perform audits to ensure compliance.

The "SANS 2024 State of ICS/OT Cybersecurity" report suggests organizations are going to shift spending from security technologies protecting industrial control systems and operational technology environments to nontechnical activities, such as training and incident response.

Though its third-quarter earnings report confirms that the company remains on track, it's unclear how that will be affected if the threat actors commit further damage.

Windows users are at risk for full device takeover by an emerging malicious version of the Remcos remote admin tool, which is being used in an ongoing campaign exploiting a known remote code execution (RCE) vulnerability in Microsoft Office and WordPad.

It's polite to listen to advice that people are willing to share, but not all of it will be useful for you. Here's how to separate the wheat from the chaff.

Attackers abuse concatenation, a method that involves appending multiple zip archives into a single file, to deliver a variant of the SmokeLoader Trojan hidden in malicious attachments delivered via phishing.

Meta has maintained that Facebook did not mislead investors by not including mention of the Cambridge Analytica scandal in its forward-looking risk disclosures, but the plaintiffs say it was a glaring omission.

Companies and organizations need to recognize the importance of investing in engineers who possess both the soft and hard skills required to secure open source software effectively.

Large language models (LLMs) can help app security firms find and fix software vulnerabilities. Malicious actors are on to them, too, but here's why defenders may retain the edge.

Direct cyberattacks on vehicles are all but unheard of. In theory, though, the opportunity is there to cause real damage — data extraction, full system compromise, even gaining access to safety-critical systems.

It remains unclear how the attackers gained access to Newpark Resources' system, or what they plan to do with any stolen data the strike may have spewed out.

The European Union's Digital Operational Resilience Act requires financial entities to focus on third-party risk, resilience, and testing.

The journey toward a successful DevSecOps implementation is complex, requiring a strategic approach to overcome the myriad challenges it presents.

Chinese APT groups increasingly lean on open source platform SoftEther VPN for network access. Now they're lending their know-how to Iranian counterparts.

Questions remain over what a corporate ban will achieve, since Canadians will still be able to use the app.