DARKReading

During "CISO: The Worst Job I Ever Wanted," several chief information security officers reveal how difficult it is to be in a role that, despite being around for decades, remains undefined.

Synthetic data offers organizations a way to develop AI while maintaining privacy compliance but requires careful management to prevent re-identification risks and ensure model accuracy.

Microsoft and CrowdStrike announced an effort to deconflict the overlapping names of threat groups and reduce confusion for companies, but we've been here before.

Mass layoffs create cybersecurity vulnerabilities through dormant accounts and disgruntled employees.

AI is increasingly embedded into threat detection and response tools, but hallucinations can lead to false positive and inaccurate guidance. The AI-associated risk can't be completely eradicated, but SecOps teams can take steps to at least limit the effects.

Secure enterprise browsers deliver multi-layered security, including web security, protection against malware on the endpoint, and defense against malicious extensions.

Cellebrite, a controversial digital forensics firm, is set to acquire virtualization vendor Corellium in a $170 million deal.

Cisco Talos researchers observed the new wiper malware in a destructive attack against an unnamed critical infrastructure organization.

The vulnerability, with a 9.9 CVSS score on a 10-point scale, results in different Cisco ISE deployments all sharing the same credentials as long as the software release and cloud platform remain the same.

Sophos researchers found this operation has similarities or connections to many other campaigns targeting GitHub repositories dating back to August 2022.