Balancing the good and bad of AI/ML means being able to control what data you’re feeding into AI systems and solving the privacy issues to securely enable generative AI.

Analysis shows evidence the previously unknown Sandman group shares backdoor malware with various Chinese APT groups.

The infamous vulnerability may be on the older side at this point, but North Korea’s primo APT Lazarus is creating new, unique malware around it at a remarkable clip.

Privacy concerns see the proposed digital identity system paused until February.

As record-breaking volumes of ransomware hit cities, towns, and counties this year, municipalities remain easy targets that pay, and there’s no end of the attacks in sight.

State-sponsored actors continue to exploit CVE-2023-23397, a dangerous no-interaction vulnerability in Microsoft’s Outlook email client that was patched in March, in a widespread global campaign.

Cybersecurity could be heading for a Sarbanes Oxley-type of regulation in light of escalating attacks, but the devil is in the details.

Cyber-insurance companies are moving down-market to offer policies to help protect remote employees, independent contractors, and small businesses from the cost of cyberattacks.

Instead of fighting workarounds that compromise security, a human-centered system fixes the process issues that prompt people to work dangerously.

Chaos and volume of holiday season sales make a perfect storm of threat opportunity. Companies need to prepare — and practice! — action plans, identify key stakeholders, and consider cyber insurance.