Security
Headlines
HeadlinesLatestCVEs

Source

DARKReading

How to Break the Security Theater Illusion

When security becomes a performance, the fallout isn't just technical. It's organizational.

DARKReading
Anubis Ransomware-as-a-Service Kit Adds Data Wiper

The threat of wiping files and servers clean gives Anubis affiliates yet another way to leverage ransomware victims who may be hesitant to pay to get their data back, Trend Micro said.

Washington Post Staffer Emails Targeted in Cyber Breach

Journalists' Microsoft accounts were breached, which would have given attackers access to emails of staff reporters covering national security, economic policy, and China.

#microsoft
'Water Curse' Targets Infosec Pros via Poisoned GitHub Repositories

The emerging threat group attacks the supply chain via weaponized repositories posing as legitimate pen-testing suites and other tools that are poisoned with malware.

Security Is Only as Strong as the Weakest Third-Party Link

Third-party risks are increasing dramatically, requiring CISOs to evolve from periodic assessments to continuous monitoring and treating partner vulnerabilities as their own to enhance organizational resilience.

NIST Outlines Real-World Zero-Trust Examples

SP 1800-35 offers 19 examples of how to implement zero-trust architecture (ZTA) using off-the-shelf commercial technologies.

CISA Reveals 'Pattern' of Ransomware Attacks Against SimpleHelp RMM

A new Cybersecurity and Infrastructure Security Agency (CISA) advisory warned ransomware actors have been actively exploiting a critical SimpleHelp flaw since January.

Threat Actor Abuses TeamFiltration for Entra ID Account Takeovers

Researchers discovered a large-scale campaign using the open source penetration-testing framework that has targeted more than 80,000 Microsoft accounts.

Why CISOs Must Align Business Objectives & Cybersecurity

This alignment makes a successful CISO, but creating the same sentiment across business leadership creates a culture of commitment and greatly contributes to achieving goals.

Cyberattacks on Humanitarian Orgs Jump Worldwide

These groups suffered three times the cyberattacks as the year previous, with DDoS attacks dominating and vulnerability scans and SQL injection also more common.