darkreading

The Mora_001 group uses similar post-exploitation patterns and ransomware customization originated by LockBit.

President Trump has long complained about perceived threats to election security. Now his DHS has kneecapped the agencies designed to support it. Experts are worried about what comes next.

Healthcare organizations must enhance their cybersecurity arsenal. Doing so can help them prevent financial, compliance, and reputational damage.

Exposed login panels for VPNs and remote access systems leave companies open to attack, sometimes tripling the risk of ransomware and making it harder to get cyber insurance.

Researchers discovered an attack chain that uses several layers of obfuscated batch files and PowerShell scripts to deliver an advanced and persistent rootkit.

Medusa developers have been targeting a wide variety of critical infrastructure sectors, from healthcare and technology to manufacturing and insurance, racking up its victim count as it seemingly adds to its numbers of affiliates.

Consumer Reports, Secure Resilient Future Foundation (SRFF), and US Public Interest Research Group (PIRG) have introduced a model bill to increase transparency around when Internet of Things devices no longer have manufacturer support.

Just like with any regular computer, researchers figured out how to crack into, force restart, and upload malware to an aftermarket in-vehicle infotainment system.

The Salt Typhoon attacks underscored the need for unity, innovation, and resilience in the face of an increasingly sophisticated cyber-threat landscape.

Researchers from Symantec showed how OpenAI's Operator agent, currently in research preview, can be used to construct a basic phishing attack from start to finish.

Following increasing attacks on healthcare organizations, the United Arab Emirates has refined its regulatory strategy for improving cybersecurity in healthcare.

The new F5 Application Delivery Controller and Security Platform combines BIG-IP, NGNIX, and Distributed Cloud Services, plus new AI gateway and AI assistants.

Mandiant researchers found the routers of several unnamed organizations (likely telcos and ISPs) were hacked by UNC3886, and contained a custom backdoor called "TinyShell."

The National Institute of Standards and Technology (NIST) has released updated differential privacy guidelines for organizations to follow to protect personally identifiable information when sharing data.

A threat actor leveraged the vulnerability in an "extremely sophisticated" attack on targeted iOS users, the company says.

The prolonged attack, which lasted 300+ days, is the first known compromise of the US electric grid by the Voltzite subgroup of the Chinese APT; during it, the APT attempted to exfiltrate critical OT infrastructure data.

In the past, the vulnerability was exploited to drop Mirai botnet malware. Today, it's being used once more for another botnet campaign with its own malware.

To truly become indispensable in the boardroom, CISOs need to meet the dual demands of defending against sophisticated adversaries while leading resilience strategies.

The number of zero-day vulnerabilities getting patched in Microsoft's March update is the company's second-largest ever.

Plankey has served in numerous cybersecurity positions in the past, including during the first Trump presidency from 2018-2020.