Organizations are increasingly using AI-powered measures to address the rise in cloud security incidents, as traditional tools struggle to keep up with rapid technological advancements and sophisticated cyber threats.

The FCC is proposing to mandate that broadband providers develop BGP security plans and document their use of the Resource Public Key Infrastructure (RPKI) security framework.

As per cybersecurity insurance firm At-Bay, remote-access tools, particularly self-managed VPNs from Cisco and Citrix, were the primary intrusion point for most ransomware attacks in 2023, accounting for over 60% of incidents.

The vulnerability can be exploited on multi-user machines, where an attacker can prepare a local repository to look like a partial clone that is missing an object, causing Git to execute arbitrary code during the clone operation.

Traditional approaches to vulnerability management result in a narrow focus of the enterprise attack surface area that overlooks a considerable amount of risk, according to Claroty.

The cybercriminal group GhostSec has shifted from ransomware to hacktivism, stating they've gathered enough funds and will now focus on promoting social and political agendas through hacking.

The U.S. government is offering a $5 million reward for information on a network of North Korean IT workers who allegedly scammed U.S. companies out of nearly $7 million through a job fraud scheme.

Cybercriminals are exploiting Microsoft's Quick Assist tool to conduct social engineering attacks and deliver ransomware like Black Basta to target users across various industries.

Despite repeated efforts by the CISA to eliminate common software vulnerabilities, unsafe software development practices continue to persist across the industry, highlighting the challenges in driving change in coding practices.

A design flaw in the IEEE 802.11 Wi-Fi standard allows attackers to trick victims into connecting to a less secure wireless network than the one they intended to connect to, exposing them to higher risks of traffic interception and manipulation.