Cyber Due Diligence
Government Approach to Disrupt Cyber Scams is ‘Fragmented’
Users contend with cybersecurity scams throughout their day; a new Cyber Civic Engagement program wants to provide them with the skills...
Dark Reading Confidential: Cyber’s Role in the Rapid Rise of Digital Authoritarianism
Dark Reading Confidential Episode 11: Enterprise cyber teams are in prime position to push back against our current "Golden Age of Surv...
Zombie Projects Rise Again to Undermine Security
Companies left them for dead, but the remnants of old infrastructure and failed projects continue to haunt businesses' security teams.
An 18-Year-Old Codebase Left Smart Buildings Wide Open
Researcher Gjoko Krstic’s "Project Brainfog" exposed hundreds of zero-day vulnerabilities in building-automation systems still running ...
US Stands Out in Refusal to Sign UN Cybercrime Treaty
The agreement aims to help law enforcement prosecute cross-border cybercrime, but the final treaty could allow unchecked surveillance a...
Critical Claroty Authentication Bypass Flaw Opened OT to Attack
CVE-2025-54603 gave attackers an opening to disrupt critical operational technology (OT) environments and critical infrastructure, plus...
LotL Attack Hides Malware in Windows Native AI Stack
Security programs trust AI data files, but they shouldn't: they can conceal malware more stealthily than most file types.
Cloud Outages Highlight the Need for Resilient, Secure Infrastructure Recovery
Two massive technical outages over the past year underscore the need for cybersecurity teams to consider how to recover safely from dis...
Data Leak Outs Students of Iran’s MOIS Training Academy
A school for the Iranian state hackers of tomorrow has itself, ironically, been hacked.
Data Security Posture Management — What Does ‘Best in Class’ Look Like?
The emergence of Data Security Posture Management (DSPM) in early 2023, followed by major acquisitions by companies like IBM, Thales, a...