darkreading

If the US wants to maintain its lead in cybersecurity, it needs to make the tough funding decisions that are demanded of it.

An elusive, sophisticated cybercriminal group has used known and zero-day vulnerabilities to compromise more than 20,000 SOHO routers and other IoT devices so far, and then puts them up for sale on a residential proxy marketplace for state-sponsored cyber-espionage actors and others to use.

Recent backdoor implants and cyber-espionage attacks on their supply chains have African organizations looking to diversify beyond Chinese, American tech vendors.

RIIG is a risk intelligence and cybersecurity solutions provider offering open source intelligence solutions designed for zero-trust environments.

The secure coding curriculum, funded by a $2.5 million grant, is available for students and professionals at all stages of their careers.

Since surfacing in August, the likely LockBit variant has claimed more than two dozen victims and appears poised to strike many more.

In further proof of the professionalization of Russian cybercriminal groups, ransomware gangs have been posting job ads for security positions such as pen testers, looking to boost their ransomware deployment operations.

According to the unsealed criminal charges, the operation is believed to have running for nearly four years.

The company says no sensitive data was stolen, but federal agencies claim otherwise. CISA and FBI sources said attackers accessed all records of specific customers and the private communications of targeted individuals.

Individual companies and entire industries alike must take responsibility for protecting customer data — and doing the right thing when they fail.

Freshly released court documents reveal new details on controversial Israeli spyware firm's operations.

Experimental counter-offensive system responds to malicious AI probes with their own surreptitious prompt-injection commands.

Other Biden administration appointees at CISA will also submit their resignations on Jan. 20, as the cyber-defense agency prepares for President-elect Trump's new DHS director.

A vulnerability found in the Really Simple Security plug-in allows an attacker to remotely gain access to any account on an affected website, including the administrator, when 2FA is enabled.

Of the numerous victims, at least three refused to pay the demanded ransom, with the rest seemingly in talks with the cybercriminal group.

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 gift card.