darkreading

The latest release of the Dragos Platform provide industrial and critical infrastructure organizations with complete and enriched view of their OT environment.

The most popular office software suite in China actually has two critical vulnerabilities, which allowed hackers the opportunity for remote code execution. Time to patch.

CISA warned about the RCE zero-day vulnerability in AVTECH IP cameras in early August, and now vulnerable systems are being used to spread malware.

The pivot is one of several changes the groups using the malware have used in recent attacks.

Novel attack vectors leverage the CVE-2023-22527 RCE flaw discovered in January, which is still under active attack, to turn targeted cloud environments into cryptomining networks.

The company has assessed four of the five disclosed vulnerabilities as being of high to critical severity.

The emails impersonate well-known companies in the industry, fooling the victim into thinking they are communicating with a legitimate entity.

With the right processes and tools, organizations can implement advanced AI security frameworks that make hidden risks visible, enabling security teams to track and address them before impact.

LLM automation tools and vector databases can be rife with sensitive data — and vulnerable to pilfering.

African nation's proactive approach to cybersecurity comes amid a rise in painful cyberattacks, including the breach of a major bank.

The exploit can be accessed on GitHub and makes it easier for the flaw to be exploited by threat actors.

The attack is a mashup of QR codes and phishing that gets users to click on links to malicious webpages.

So far, the threat actor has compromised at least five organizations using CVE-2024-39717; CISA has added bug to its Known Exploited Vulnerability database.

Confidential computing safeguards data in use, making it a crucial component of cloud security.

The ShinyHunters attackers are skipping selling stolen data on hacker forums in favor of using deadline-driven ransom notes for financial gain.

A threat actor resembling APT41 performed "AppDomainManager Injection," which is like DLL sideloading, but arguably easier and stealthier.

The tech giant seeks to work with endpoint security partners, including CrowdStrike, on how to prevent an outage event of such gravity from happening again.

Such cyberattack enablement services let attackers breach security measures, establish new fake accounts, and brute-force servers.

As the entire Port of Seattle struggles to become fully operational once more, the airport recommends that those who are traveling take extra precautions.