A new group of hackers is encrypting data in virtual machines, leaving ransom notes, and calling it a day.

Hijacking malware gets spread through TikTok's direct messaging and doesn't require the victim to click links or download anything.

MFA and other mechanisms are critical to protect against unauthorized access to data in cloud application environments, but businesses still fall down on the job.

CVE-2020-1472 is a privilege escalation flaw that allows an attacker to take over an organization's domain controllers.

Ticketmaster parent Live Nation has filed a voluntary SEC data breach notification, while one of its cloud providers, Snowflake, also confirmed targeted cyberactivity against some of its customers.

Because of the role the Confluence Server plays in managing documentation and knowledge data bases, the researchers recommend users upgrade to patch CVE-2024-21683 as soon as possible.

Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: fighting cybersecurity burnout; BlackSuit ransomware; the SEC breach rules and risk management.

Companies are looking to large language models to help their employees glean information from unstructured data, but vulnerabilities could lead to disinformation and, potentially, data leaks.

Most of the operations were feckless efforts with little impact, but they illustrate how AI is changing the game for inauthentic content on both the adversary and defense sides.

International law enforcement Operation Endgame shifts its crackdown to focus on individual adversaries.

This time it's the identity management service provider's cross-origin authentication feature that's being targeted by adversaries.

There is more that needs to be done, but, so far, the initiative is a success.

It's more important than ever for organizations to prepare themselves and their cybersecurity postures against known and unknown threats.