Quantum computing on the level that poses a threat to current cybersecurity measures is still years off. Here's what enterprises can do now to avoid future disruptions.
A native-first approach delivers better protections and a more efficient use of resources than best-of-breed solutions, benefiting cloud service providers and end-user customers alike.
Once attackers have control over a workload in the cluster, they can leverage access for lateral movement both inside the cluster and to external resources.
A survey of cybercrime experts assessing the top cybercrime-producing nations results in some expected leaders β Russia, Ukraine, and China β but also some surprises.
Two new code-execution techniques, Poison Fiber and Phantom Thread, take advantage of a little-known Windows OS workhorse to sneak shellcode and other malware onto victim machines.
Modern networks teem with machine accounts tasked with simple automated tasks yet given too many privileges and left unmonitored. Resolve that situation and you close an attack vector.
Caller ID spoofing and AI voice deepfakes are supercharging phone scams. Fortunately, we have tools that help organizations and people protect themselves against the devious combination.
Permiso Security announced Cloud Console Cartographer during Black Hat Asia to help defenders look inside Amazon Web Services events logs for signs of cyberattacks.
Industry leaders aim to solve the threat to both the mental health of workers and security of organizations with solutions that recognize the enormous pressures facing cybersecurity professionals.
Existing AI technology can allow hackers to automate exploits for public vulnerabilities in minutes flat. Very soon, diligent patching will no longer be optional.
It turns out that a powerful security solution can double as even more powerful malware, capable of granting comprehensive access over a targeted machine.
The tech giant tosses together a word salad of today's business drivers β AI, cloud-native, digital twins β and describes a comprehensive security strategy for the future, but can the company build the promised platform?
Airbnb's Allyn Stott introduces maturity model inspired by the Hunting Maturity Model (HMM) to complement MITRE ATT&CK to improve security metrics analysis.
CryptoChameleon attackers trade quantity for quality, dedicating time and resources to trick even the most diligent user into handing over their high-value credentials.
Though organizations are increasingly incorporating zero-trust strategies, for many, these strategies fail to address the entirety of an operation, according to Gartner.
The irony is lost on few, as a nation-state threat actor used eight MITRE techniques to breach MITRE itself β including exploiting the Ivanti bugs that attackers have been swarming on for months.
Malaysia, Singapore, and Ghana are among the first countries to pass laws that require cybersecurity firms β and in some cases, individual consultants β to obtain licenses to do business, but concerns remain.
State-sponsored groups are targeting critical vulnerabilities in virtual private network (VPN) gateways, firewall appliances, and other edge devices to make life difficult for incident responders, who rarely have visibility into the devices.
The infamous Russian threat actor has created a custom tool called GooseEgg to exploit CVE-2022-38028 in cyber-espionage attacks against targets in Ukraine, Western Europe, and North America.
The State Department can now deny entrance to the US for individuals accused of profiting from spyware-related human rights abuses, and their immediate family members.