Enhanced industrial control systems cybersecurity for energy and communications sector among top recommendations in new GAO cybersecurity assessment.
Author: Dark Reading Staff, Dark Reading
Hackers can't steal a credential that doesn't exist.
Lazarus Group used a known Zimbra bug to steal data from medical and energy researchers.
New malware demonstrates how threat actors are pivoting toward payment platform attacks, researchers say.
Security teams should use a blocklist containing tens of thousands of proxy IP addresses used by the pro-Russian hacktivist group to defend their organizations from DDoS attacks.
The fresh "ESXiArgs" malware is exploiting a 2-year-old RCE security vulnerability (tracked as CVE-2021-21974), resulting in thousands of unpatched servers falling prey to the campaign.
Engineers can use the Cyber Resiliency Engineering Framework Navigator to visuzalize their cyber resiliency capabilities.
Analysts find that 98% of QNAP NAS are vulnerable to CVE-2022-27596, which allows unauthenticated, remote SQL code injection.
A new supply chain risk management office aims to help public and private sectors implement recent CISA policies and guidance.
Google Fi mobile customers have been alerted that their SIM card serial numbers, phone numbers, and other data were exposed in T-Mobile hack.