SecurityWeek

The US cybersecurity agency calls attention to a Russian APT targeting academia, defense, governmental organizations, NGOs and think-tanks.

A study commissioned by Apple shows that 2.6 billion personal data records were compromised in breaches in the past two years.

Government agencies in the Five Eyes countries have published new guidance on creating memory safety roadmaps.

Nissan Oceania says it has been working on restoring its systems after falling victim to a cyberattack.

Pool Party is a new set of eight Windows process injection techniques that evade endpoint detection and response solutions.

Virtual conference explores cybersecurity use-cases for artificial intelligence (AI) technology and the race to protect LLM algorithms from adversarial use.

Security features that major CPU vendors plan on integrating into their future products can increase the surface for certain types of attacks.

Organizations need to listen to their CISOs and start turning to cybersecurity automation for the qualitative benefits of employee satisfaction and well-being.

FBI Director Christopher Wray calls for the reauthorization of a U.S. government surveillance tool set to expire at the end of the year.

Ransomware attacks aimed at industrial organizations are increasingly impacting OT systems, according to a Claroty report.

Atlassian has released patches for critical-severity remote code execution flaws in Confluence and other products.

The Bank of England will make an assessment next year about the risks posed by artificial intelligence and machine learning.

Microsoft announced a major shakeup of its security hierarchy, removing the CISO and Deputy CISO and handing the reins to a recent hire.

iVerify, a seed-stage startup spun out of Trail of Bits, ships a mobile threat hunting platform to neutralize iOS and Android zero-days.

LogoFAIL is an UEFI image parser attack allowing hackers to compromise consumer and enterprise devices using malicious logo images.