darkreading

In a monoculture, cybercriminals need to look for a weakness in only one product, or discover an exploitable vulnerability, to affect a significant portion of services.

A simple toggle in Proofpoint's email service allowed for brand impersonation at an industrial scale. It prompts the question: Are secure email gateways (SEGs) secure enough?

Having a robust identity continuity plan is not just beneficial but essential for avoiding financially costly and potentially brand-damaging outages.

By injecting malicious bytecode into interpreters for VBScript, Python, and Lua, researchers found they can circumvent malicious code detection.

Law firms make the perfect target for extortion, so it's no wonder that ransomware attackers target them and demand multimillion dollar ransoms.

Researchers say the attacks are easy to perform, difficult to contact, nearly unrecognizable, and "entirely preventable."

The prolific ransomware group has shifted away from phishing as the method of entry into corporate networks, and is now using initial access brokers as well as its own tools to optimize its most recent attacks.

A malvertising campaign uses phishing to steal legitimate account pages, with the endgame of delivering the Lumma stealer.

Significant upcoming legislation promises to tighten the screws on cyber incident response in Australia, mirroring CIRCIA in the US.

DEV#POPPER is back, looking to deliver a comprehensive, updated infostealer to coding job seekers by way of a savvy social engineering gambit.

The process took two years, but this is the first successful settlement obtained under Texas' Capture or Use of Biometric Identifier Act, which forbids the capture of biometric data without users' explicit consent.

Malicious actors could potentially exploit this vulnerability if they gain physical access to a user's device.

The sustained cyberattack, likely made worse by a mitigation snafu, disrupted several Azure cloud services for nearly eight hours on July 30.

Two US senators accuse carmakers of deceptive language and shifty practices in sharing and resale of driver data.

The security vulnerabilities, CVE-2024-37394, CVE-2024-37395, and CVE-2024-37396, could lay open proprietary and sensitive research to data thieves.

If paying a ransom is prohibited, organizations won't do it — eliminating the incentive for cybercriminals. Problem solved, it seems. Or is it?

A network of more than 2,600 Telegram bots has helped exfiltrate one-time passwords and data from devices for more than two years.