Bad torts: Law firms feel the heat from rising cyber threats
Experts say the sensitive data law firms hold and their lagging attention to cybersecurity make them prime targets.
Death by digital: attacks on healthcare put people at risk
At least one person has died as what was arguably the direct result of a digital attack on a hospital, but cybercriminals seem unlikely to stop.
Dark Caracal: A bumbling, yet surprisingly effective, cyber mercenary group
At DEF CON, EFF security researcher Cooper Quintin discussed a mysterious group called Dark Caracal that has proven effective despite making many mistakes.
Attackers are on the edge. Where are defenders?
VPNs, virtualization hosts, secure email gateways and other network “edge” devices have become a common entry point for attackers in significant enterprise breaches. How can defenders respond?
2022 was the year of crippling ransomware attacks on small countries
The country of Vanuatu is the latest victim in a string of crippling ransomware attacks on small countries this year. Experts say various motives underlie these incidents but disagree on whether this trend reflects a shift in threat actors away from well-resourced Western nations.
Uber hack jolts outlook for MFA, cybersecurity regulations
A teenager believed to be associated with the Lapsus$ cybercriminal group hacked Uber last week, putting wind in the sails of U.S. efforts to enact stricter cybersecurity rules.
Deep-rooted firmware cyberthreats put defenders in a bind
Recent cyberthreats targeting firmware technology have underscored how tricky it is to weed out malware that can start wreaking havoc before infected computers even boot up.
Ghosts of Log4j: Open-source vulnerabilities confound software developers
Most of the code in typical applications comes from open-source projects, importing dozens — and often, hundreds — of components created by volunteers. As the Log4j incident shows, those deep dependencies can carry critical vulnerabilities.
Lapsus$ breaks windows instead of picking locks, and that terrifies cybersecurity experts
T-Mobile is the latest high-profile target of the Lapsus$ cybercriminal group, whose bar-brawl tactics have stoked tech industry fears of copycat attacks
‘Brazen’ Lapsus$ ransomware group menaces Big Tech
Recent data breaches at NVIDIA, Samsung and Ubisoft have brought a new cybercrime group to light: Lapsus$. Here’s what we know about the malicious hacking crew that’s been targeting Big Tech.