darkreading

The nation-state espionage group known for attacking Pakistan has expanded its reach to targets in Egypt and Sri Lanka.

Clutch Security is the latest cybersecurity startup looking to secure and manage non-human identity.

According to the study, around 400 stolen GenAI credentials are being sold by threat actors per day.

With sufficient privileges in Active Directory, attackers only have to create an "ESX Admins" group in the targeted domain and add a user to it.

The incident serves as a stark reminder of the fragility of our digital infrastructure. By adopting a diversified, resilient approach to cybersecurity, we can mitigate the risks and build a more secure digital future.

Data thieves heisted the HSA provider's data repository for 4.5 million people's HR information, including employer and dependents intel.

Despite getting help, NIST is not keeping up with new vulnerability reports for the National Vulnerabilities Database, according to an analysis from Fortress Information Security.

One threat actor claims to have already gathered email addresses and associated hashes from more than 110 remote IT management databases.

Microsoft says that an examination of Windows crash reports around the outage shows that kernel drivers need to be carefully employed.

Security presence has been heightened in Paris to ensure that the Games are safe, and Israeli athletes have been provided with even more protection.

An attack flow that combines API flaws within "log in with" implementations and Web injection bugs could affect millions of websites.

This year's conference will be a treasure trove of insights for cybersecurity professionals.

A large text-message phishing attack campaign attributed to the China-based Smishing Triad employs malicious iMessages.

Several vendors for consumer and enterprise PCs share a compromised crypto key that should never have been on the devices in the first place.

Researchers track the healthcare sector as experiencing the biggest financial losses, with banking and transportation following close behind.

The campaign is laser-targeted, bucking the trend of "spray-and-pray" malicious open source packages turning up in code repositories seemingly every other day.

The cybersecurity firm says that 97% of sensors are back online, but some organizations continue to recover, with costs tallied at $5.4 billion for the Fortune 500 alone.