Dark Reading

Amid the increase in Log4J attack activity, at least one Iranian state-backed threat group is preparing to target the vulnerability, experts say.

The attack forced a shutdown of computer systems and websites for Virginia legislative agencies and commissions, reports state.

The December rollout includes 67 security patches and addresses one zero-day and five more publicly known vulnerabilities.

One volley of fake news may land, but properly trained AI can shut down similar attempts at their sources.

Every high-profile breach leaves a trail of bread crumbs, and defenders who monitor access brokers can connect the dots and detect attacks as they unfold.

This Tech Tip outlines how enterprises can use Canarytokens to find servers in their organization vulnerable to CVE-2021-44228.

Customers advised to adopt alternative internal processes to support the affected human resources services.

The number of bug bounty programs jumped by a third, the median payout for a critical vulnerability report rose to $3,000, but rewards for easier-to-find lower-severity flaws stagnated in 2021.

Most targeted industry shifts from the financial and insurance sector in 2020.

Some tips for effectively combating Web supply chain attacks and customer hijacking via browser extensions.