For individuals

In a sign of the times, a backdoor malware whose ancestors date back to 2005 has morphed to target Linux systems.

SentinelLabs reveals information on four previously unreported Chinese front companies taken down by the U.S. government Oct. 10.

Four of the arrested individuals of the cybercriminal gang, known for hacking MGM and Caesars, are American, all of whom could face up to 27 years in prison for the charges against them.

Consolidating endpoint management boosts cybersecurity while keeping an Oklahoma-based nonprofit focused on community mental health.

Three of SC Media's Women in IT Security honorees share their stories of overcoming challenges in cybersecurity.

Aside from primarily leveraging basic usernames for their accounts, organizations impacted by ransomware intrusions from July to September — including those in the government and healthcare industries — also mostly failed to implement multi-factor authentication that could have deterred brute-force attacks.

Data within the unsecured database included military personnel and their supporters' full names, images, mailing addresses, locations, images, Social Security numbers, and National Insurance numbers, a report by cybersecurity researcher Jeremy Fowler published on vpnMentor showed.

Numerous cybersecurity-related measures have been advanced by the Senate Homeland Security and Governmental Affairs Committee, led by the Federal Contractor Cybersecurity Vulnerability Reduction Act of 2024, which would mandate the adoption of National Institute of Standards and Technology guidance-adherent vulnerability disclosure policies among federal contractors.

Included in the Phobos-hit organizations that paid a ransom were a California public school system, a North Carolina children's hospital, a Maryland-based accounting and consulting service provider, and health organizations in Pennsylvania and Maryland, revealed an unsealed indictment against suspected Phobos administrator Evgenii Ptitsyn.

MITRE has regarded cross-site scripting flaws as the most common and severe software vulnerabilities this year, followed by out-of-bounds write, SQL injection, cross-site request forgery, and path traversal issues.