Successful attackers focus on the psychological manipulation of human emotions, which is why anyone, even a tech-savvy person, can become a victim.

The hacktivist group Anonymous Sudan claims credit for a cyberattack that disrupted Alabama state government earlier this week.

CISOs can successfully make their business operations more secure and play a larger role in the organization's overall strategy, but there are pitfalls to avoid, Forrester analysts warn.

Credential-stealing emails are getting past artificial intelligence's "known good" email security controls by cloaking malicious payloads within seemingly benign emails. The tactic poses a significant threat to enterprise networks.

CVE-2024-48788, like many other recent Fortinet flaws, will likely be an attractive target, especially for nation-state-backed actors.

The cyber campaign uses social engineering and sophisticated evasion tactics, including a novel malware-delivery method, to compromise hundreds of Microsoft Office users.

All companies — not just federal agencies — should aim to adopt the "network and environment" pillar of the National Security Agency's zero-trust guidelines.

The group uses pretty standard open source tooling and social engineering to burrow into high-level government agencies across the globe.

The new IoT Device Security Specification 1.0, with accompanying certification, aims to offer a unified industry standard and increase consumer awareness.

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

Rising cybersecurity demands are changing the role of the head security officer. CISOs need to make a list, check it at least twice, and document every step.

On the Dark Web, stolen secrets are your enemy, and context is your friend.

Compare how well OpenAI's and Google's generative AI products handle infosec professionals' top 10 tasks.