EnCase Driver Weaponized as EDR Killers Persist

The forensic tool's driver was signed with a digital certificate that expired years ago, but major security gaps allowed Windows to load it.

OpenClaw's Gregarious Insecurities Make Safe Usage Difficult

Malicious "skills" and persnickety configuration settings are just some of the issues that security researchers have found when installing — and removing — the OpenClaw AI assistant.

Shai-hulud: The Hidden Costs of Supply Chain Attacks

Recent supply chain attacks involving self-propagating worms have spread far, but the damage and long-term impact is hard to quantify.

'Encrypt It Already' Campaign Pushes Big Tech to Prioritize E2E Encryption

The Electronic Frontier Foundation is urging major technology companies to follow through on their promises to implement end-to-end encryption (E2E) by default across their services, as privacy concerns mount amid increased AI use.

What Organizations Need to Change When Managing Printers

Ask the Expert: Organizations need to close the ownership vacuum, establish durable security controls, and ensure printers are protected as rigorously as other endpoints.

[Virtual Event] Shields Up: Key Technologies Reshaping Cybersecurity Defenses

'Reynolds' Bundles BYOVD With Ransomware Payload

Researchers discovered a newly disclosed vulnerable driver embedded in Reynolds' ransomware, illustrating the increasing popularity of the defense-evasion technique.

TeamPCP Turns Cloud Infrastructure Into Crime Bots

The threat actor has been compromising cloud environments at scale with automated worm-like attacks on exposed services and interfaces.

Warlock Gang Breaches SmarterTools Via SmarterMail Bugs

The ransomware group breached SmarterTools through a vulnerability in the company's own SmarterMail product.

TransUnion's Real Networks Deal Focuses on Robocall Blocking

The acquisition allows the credit reporting agency to add SMS spam and scam prevention to its robocall blocking capabilities.

OT Attacks Get Scary With 'Living-off-the-Plant' Techniques

Ironically, security by obscurity has helped prevent dangerous OT attacks in recent years. It won't be that way forever.

Automaker Secures the Supply Chain With Developer-Friendly Platform

How a platform engineering team embeds supply chain security into infrastructure without slowing developers.