darkreading

Company leadership needs to ensure technology teams are managing continuous monitoring, automated testing, and alignment with business needs across their enterprise.

The largest publicly traded water utility in the US was forced to disconnect some of its online systems, and its website and telecommunications system remained unavailable as of Tuesday morning, Oct. 8.

The vast majority of organizations in the region saw more attacks in the past year, but most don't feel prepared for future incidents.

Among those affected by all this monkeying around with DDoS in September were some 4,000 organizations in the US.

The Chinese state-sponsored cyberattack threat managed to infiltrate the "lawful intercept" network connections that police use in criminal investigations.

CISOs' cash compensation tops $400,000 now, but the high pay comes with struggles, rapidly changing responsibilities, and tight budgets.

Google's Manifest V3 offers better privacy and security controls for browser extensions than the previous M2, but too many lax permissions and gaps remain.

Creating a new office of cyber-regulation strategy is the government's best opportunity to improve security and to protect Americans in an increasingly dangerous world.

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

The popular LiteSpeed Cache plug-in is vulnerable to unauthenticated privilege escalation via a dangerous XSS flaw.

The collaboration with industry partners aims to improve collective AI defenses. Trusted contributors receive protected and anonymized data on real-world AI incidents.

CVE-2024-44204 is one of two new Apple iOS security vulnerabilities that showcase an unexpected coming together of privacy snafus and accessibility features.

A growing number of organizations are taking longer to get back on their feet after an attack, and they're paying high price tags to do so — up to $2M or more.

The successful disruption of notorious Russian hacker group Star Blizzard's operations arrives one month out from the US presidential election — one of the APT's prime targets.

Thoughtfully applied, humor breaks through security fatigue, increases engagement, and fosters a culture of security awareness.

The booming economies of Africa, rich in natural resources and brimming with potential, are attracting not just investors but also cybercriminals.

It's North Korea versus Cambodia, with Windows default settings and sheer patience allowing the bad guys to avoid easy detection.

Several of the flaws enable remote code execution and denial-of-service attacks, while others enable data theft, session hijacking, and other malicious activity.

Ivanti reports that the bug is being actively exploited in the wild for select customers.

"Pig butchering," generative AI, and spear-phishing have all transformed digital warfare.