Year: 2023

The authentication bypass used by the Nobelium group, best known for the supply chain attack on SolarWinds, required a massive, real-time investigation to uncover, Microsoft says.

Valve’s unpatched JavaScript engine and incomplete modification vetting process for Steam-delivered mods led to user systems being backdoored.

Event organizers should be exercising various cyberattack scenarios to ensure they have the proper checks and balances in place to respond accordingly and maintain resilience.

Bridging the divide between developers and security can create a culture change organically.

Members of the Health-ISAC can ingest threat indicators directly into Chronicle to investigate whether the threat is present in their environment.

Reddit code, internal documents, dashboards, and business systems were compromised in the cyberattack.

A sophisticated cyber-espionage attack against high-value targets attending a maritime technology conference in Pakistan this weekend has been in the works since last year.

Avast researchers also discovered and reported two zero-day vulnerabilities, and observed the spread of information-stealing malware, remote access trojans, and botnets.

As evolving cyber threats force security teams to adopt AI to automate workflows, we ask how the relationship between humans and AI will pan out.