Security News

In today’s highly distributed workplace, every employee has the ability to act as their own CIO, adopting new cloud and SaaS technologies whenever and wherever they need. While this has been a...

The ransomware group known as Kasseika has become the latest to leverage the Bring Your Own Vulnerable Driver (BYOVD) attack to disarm security-related processes on compromised Windows hosts,...

Microsoft declined to answer The Register's questions about the digital heist, or its security in general. This marks the second time since 2020 the same gang of Kremlin-backed cyber spies - whom Microsoft now calls Midnight Blizzard, used to track as Nobelium, and most call Cozy Bear - has invaded Microsoft.

Microsoft says admins are seeing 0x80073cf2 errors when using the System Preparation tool to validate Windows installations for deployment after installing recent Windows 10 updates. Sysprep helps prepare Windows client or Windows Server installations for imaging and deployment on any system by removing computer-specific information such as installed drivers and the computer security identifier.

In a world where more & more organizations are adopting open-source components as foundational blocks in their application's infrastructure, it's difficult to consider traditional SCAs as complete...

Governments from Australia, the U.K., and the U.S. have imposed financial sanctions on a Russian national for his alleged role in the 2022 ransomware attack against health insurance provider...

A password-less database containing an estimated 1.3 million sets of Dutch COVID-19 testing records was left exposed to the open internet, and it's not clear if anyone is taking responsibility.Among the information revealed in the publicly accessible and seemingly insecurely configured database were 118,441 coronavirus test certificates, 506,663 appointment records, 660,173 testing samples and "a small number" of internal files.

One of these is the omission bias, which has interesting ramifications in the world of cyber security, specifically vulnerability management. In this article, we discuss omission bias in vulnerability management, particularly vulnerability remediation, and how IT operators can overcome it with today's new management platforms.

An article published today by the UK National Cyber Security Centre suggests there is a "Realistic possibility" that by 2025, the most sophisticated attackers' tools will improve markedly thanks to AI models informed by data describing successful cyber-hits. At the lower end, cyber criminals who employ social engineering are expected to enjoy a significant boost thanks to the wide-scale uptake of consumer-grade generative AI tools such as ChatGPT, Google Bard, and Microsoft Copilot.

BSides are happening all over the USA. To find an event near you, visit their website. This event features industry professionals from automotive cybersecurity, artificial intelligence, machine learning, quantum computing, R&D, LLM, and innovation, allowing them to understand the impact of AI in cybersecurity and prepare for it.