Security | News, how-tos, features, reviews, and videos
Security experts warn of surge in malware targeting credentials stored in password vaults and managers as adversarial focus and tactics shift. ‘Like hitting the jackpot.’
Rapid7 researchers believe the BeyondTrust Remote Support attacks from December also exploited a zero-day flaw in PostgreSQL.
The attacker deployed a variant of the PlugX cyberespionage toolset previously associated with Chinese APT groups against a small company that they then infected with the RA World ransomware and extorted for money.
The Cyber Monitoring Centre (CMC) aims to establish a ‘consistent and objective framework’ to provide clarity to enterprise insurance buyers.
Enterprise users are leaking sensitive corporate data through use of unauthorized and authorized generative AI apps at alarming rates. Plugging the leaks is vital to reduce risk exposure.
Attackers re-register abandoned AWS S3 buckets filled with malicious files that are executed by applications looking for these buckets.
Given free rein by President Trump to plumb the depths of US government networks and databases, Elon Musk’s DOGE is putting the federal digital infrastructure at risk on a variety of fronts, security experts say.
IT leaders worry that ongoing staff shortages in the face of escalating workloads could result in a business-crippling event. Security specialists point to retraining and other techniques to help mitigate the problem.
Attackers from the Lazarus group used social engineering tactics to impersonate recruiters and gain access to systems in a well-coordinated campaign over several months.
Security experts welcome proposed changes to the regulation’s security rules while warning about political uncertainty, feasibility, and the potential cost to healthcare orgs.