The Cybersecurity and Infrastructure Security Agency (CISA) is calling on critical infrastructure organizations to take decisive action against insider threats. To support this effort, CISA has...

Parliament voted for legislation requiring power utilities, water companies and even some supermarket chains to reduce their vulnerability to terrorism, industrial accidents, natural disasters and...

Latin America and the Caribbean can now lay claim to an unenviable status: cyberattackers’ favorite region to target with cyberattacks. Organizations in Latin America saw an average of 3,065...

An in-depth analysis of an Interlock ransomware intrusion, detailing new malware tooling, defense evasion techniques, and high-ROI detection strategies.

Bitdefender researchers have discovered an Android RAT (remote access trojan) campaign that combines social engineering, the resources of the Hugging Face online platform as staging, and extensive...

North Korea-backed threat group operating since 2009 has splintered into three distinct groups with specialized malware and objectives, CrowdStrike said in a report released Thursday. Labeled...

Apply fixes within a few hours or face the music, say the pros What good is a fix if you don't use it? Experts are urging security teams to patch promptly as vulnerability exploits now account for...

A suspected Chinese intelligence outfit contacted a former senior State Department officer late last year requesting they draft an assessment of U.S. policy priorities in Venezuela in exchange for...

Modern synthetic biology and AI represent both medicine’s greatest breakthrough and warfare’s most terrifying evolution. In this new landscape, where biological weapons can be designed faster than...

The interim head of the country’s cyber defense agency uploaded sensitive contracting documents into a public version of ChatGPT last summer, triggering multiple automated security warnings that...

Federal Chief Information Security Officer (CISO) Mike Duffy warned on Tuesday that government IT modernization efforts that fail to account for post-quantum cryptography (PQC) risk creating...

January 28 marks Data Privacy Day. Founded in 2007 by the Council of Europe, the aim of Data Privacy Day is to raise public awareness about the right to personal data protection and privacy. Now...

The Trump administration presents its new National Defense Strategy (NDS) as a break from previous strategies, including that of the first Trump administration. Out are Russia, Europe and climate...

The United States used cyberweapons in Venezuela to take power offline, turn off radar and disrupt hand-held radios, all to help U.S. military forces slip into the country unnoticed early this...

Google on Wednesday announced that it worked together with other partners to disrupt IPIDEA, which it described as one of the largest residential proxy networks in the world. To that end, the...

Close call after an apparently deliberate attempt to starve a country of energy at the worst time Cybersecurity experts involved in the cleanup of the cyberattacks on Poland's power network say...

A data-driven industry benchmark showing how integrations are adopted, gain traction, and deliver value across modern cloud security programs.

Cisco Talos has identified a new, regionally targeted campaign by UAT-8099 that leverages advanced persistence techniques and custom BadIIS malware variants to compromise IIS servers, particularly...

A drop in exploitation and ransomware, but a spike in phishing and credential abuse, show why timely patching and robust MFA matter more than ever.

The trio, which share lineage with the more broadly defined Lazarus Group, are focused on espionage and cryptocurrency theft, according to CrowdStrike. The post Long-running North Korea threat...

Analysis of 175,000 open-source AI hosts across 130 countries reveals a vast compute layer susceptible to resource hijacking and code execution attacks.

Ransomware crims have just lost one of their best business platforms. US law enforcement has seized the notorious RAMP cybercrime forum's dark web and clearnet domains. RAMP, which stands for...

India’s Digital Personal Data Protection (DPDP) Act fundamentally changes how organizations collect, use, store, and protect personal data. It applies to any organization handling digital personal...

Between January 21st and 28th, GreyNoise sensors observed reconnaissance activity against Ivanti Connect Secure jump roughly 100x above historical baselines (nope! not a typo!! 100x!!!). What made...

Cybersecurity researchers have flagged a new malicious Microsoft Visual Studio Code (VS Code) extension for Moltbot (formerly Clawdbot) on the official Extension Marketplace that claims to be a...

Attackers have exploited the critical defect to reconfigure firewall settings, create unauthorized accounts with privileged access to multiple versions of the vendor’s security products. The post...

ICE has been using an AI-powered Palantir system to summarize tips sent to its tip line since last spring, according to a newly released Homeland Security document.

The "coordinated" cyber attack targeting multiple sites across the Polish power grid has been attributed with medium confidence to a Russian state-sponsored hacking crew known as ELECTRUM....

Cybercrime solved. The end Ransomware crims have just lost one of their best business platforms. US law enforcement has seized the notorious RAMP cybercrime forum's dark web and clearnet domains.…

Citizen Lab senior fellow Cynthia Khoo spoke with the CBC about the People’s Consultation on AI, launched by a civil society coalition last week in response to the federal government’s “national...