_Maskot_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
A Guy Who Wrote the Code Died in 2005. I Still Have to Secure It
The real front line of American cybersecurity is a bidding war on eBay for 30-year-old industrial controllers.
What Orgs Can Learn From Olympics, World Cup IR Plans
In this edition of "Reporters' Notebook," we discuss cyberattackers targeting the Milan-Cortina Winter Games, adding them to a long list of global sporting events in the crosshairs. Though the attack surface is grander, there are key incident-response takeaways for regular enterp
Why Stryker's Outage Is a Disaster Recovery Wake-Up Call
The Iranian cyberattack on Stryker is the kind of stress test that business continuity and disaster recovery programs often do not plan for.
Delinea's StrongDM Acquisition Highlights the Changing Role of PAM
StrongDM, which injects ephemeral, real-time credentials into developer workflows, will enable Delinea to offer privilege access management across cloud, SaaS, Kubernetes, and database environments.
Commercial Spyware Opponents Fear US Policy Shifting
Rescinded sanctions and reactivated contracts have created confusion about the Trump administration's spyware policy and where it draws the line.
Iran MOIS Colludes With Criminals to Boost Cyberattacks
Iranian APTs have long pretended to be cybercriminal groups. Now they're working with actual cybercriminal groups.
Why Post-Quantum Cryptography Can't Wait
Organizations have to prepare to ensure they have cryptography in place in the post-quantum world.
Real-Time Banking Trojan Strikes Brazil's Pix Users
The latest banking Trojan campaign to hit Brazil combines classic malware with a real-time human operator, waiting for the perfect moment to strike.
Most Google Cloud Attacks Start With Bug Exploitation
Forget stolen credentials and misconfigurations. Thanks to AI, the new top cause of compromises in the cloud is vulnerability exploits that beat patching cycles.
Will AI Save Consumers From Smartphone-Based Phishing Attacks?
Sophisticated phishing attacks are bypassing on-device protections with troubling frequency, making it more critical than ever for users to protect themselves from potential threats, new research from Omdia shows.
Cyberattackers Don't Care About Good Causes
Sightline Security's founder and advisory board discuss how cybersecurity poses significant problems for nonprofits and suggest ways the industry can help.
The Data Gap: Why Nonprofit Cyber Incidents Go Underreported
Threat actors target nonprofits due to security gaps and highly coveted information, but a lack of sufficient data makes it difficult to grasp the entire picture.