Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: fighting cybersecurity burnout; BlackSuit ransomware; the SEC breach rules and risk management.
Though information such as dates of birth, email addresses, and home addresses were compromised, "the Beeb" assures individuals that financial information is still protected.
Most of the operations were feckless efforts with little impact, but they illustrate how AI is changing the game for inauthentic content on both the adversary and defense sides.
Consumer data is still a prime target for threat actors, and organizational consumption of data must be aligned to protect it. The new rights act seeks to do some of this, but it still needs tweaking.
Companies are looking to large language models to help their employees glean information from unstructured data, but vulnerabilities could lead to disinformation and, potentially, data leaks.
By adopting a stance of coordinated disclosure for exploits, security researchers can give organizations time to patch vulnerabilities before they are exploited in the wild.
When security professionals are at the end of their rope β feeling both mentally and physically exhausted β it's often because of burnout. Here are ways to combat it.
It's unclear whether a dataset for sale on the site allegedly containing data from more than 500 million Ticketmaster users is real or just law enforcement bait.
North Korea's newest threat actor uses every trick in the nation-state APT playbook, and most of cybercrime's tricks, too. It also developed a whole video game company to hide malware.
Researchers went in-depth on an attack by the threat group, which mainly targets US companies in the education and industrial goods sectors, specifically to maximize financial gain.
It's time to rethink the pivotal role incentives play in shaping behavior to find and disclose software vulnerabilities. More accurate guidance to reflect real-world risks and a tiered verification process to establish potential impact could slow misleading submissions.
Targeting India's government, defense, and aerospace sectors, the cyber-threat group now attacks Linux as well as Windows in its quest to compromise the Indian military's homegrown MayaOS Linux systems.
The committee is being set up as the ChatGPT creator begins to train its latest large language model, GPT-5, which will reach "a new level of capabilities."
The SEC's lawsuit may take years to resolve through litigation, but here are five things CISOs should do now to protect both themselves as individuals as well as their organizations.
Much like an airplane's dashboard, configurations are the way we control cloud applications and SaaS tools. It's also the entry point for too many security threats. Here are some ideas for making the configuration process more secure.
With more than 10,000 installations across prisons, courts, and governments, impacted Justice AV Solutions users are urged to re-image affected endpoints and reset credentials.