Most of the operations were feckless efforts with little impact, but they illustrate how AI is changing the game for inauthentic content on both the adversary and defense sides.
North Korea's newest threat actor uses every trick in the nation-state APT playbook, and most of cybercrime's tricks, too. It also developed a whole video game company to hide malware.
Mandiant warns that defenders must rethink how to thwart Chinese cyber-espionage groups now using professional "infrastructure-as-a-service" operational relay box networks of virtual private servers as well as hijacked smart devices and routers.
An on-by-default endpoint in ubiquitous logging service Fluent Bit contains an oversight that hackers can toy with to rattle most any cloud environment.
A number of serious Windows bugs still haven't made their way into criminal circles, but that won't remain the case forever — and time is running short before ZDI releases exploit details.
Thankfully, GE ultrasounds aren't Internet-facing. Exploiting most of the bugs to cause serious damage to patients would require physical device access.
Ransomware groups have always created problems for their victims that only they could solve. Black Basta is taking that core idea in a creative, new direction.
As Verizon Business redefines "supply chain breach," it could either help organizations address third-party risk holistically or just conflate and confuse.
The space agency needs to implement stricter policies and standards when it comes to its cybersecurity practices, but doing so the wrong way would put machinery at risk, a federal review found.
A recent campaign targeting Middle Eastern government organizations plays standard detection tools like a fiddle. With cyberattackers getting more creative, defenders must start keeping pace.