For providers

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Forget gullible old people — Gen Z is the most at-risk age group on the Web. Older folks might want to ignore it, but employers are likely to feel the brunt.

The fall of RansomHub led to a major consolidation of the ransomware ecosystem last quarter, which was a boon for the DragonForce and Qilin gangs.

The ransomware gang claims to have stolen 3.5TB of data, and told the technology distributor to pay up or suffer a data breach.

This week, CISA updated its advisory on Scattered Spider. Scattered Spider is a threat actor using social engineering tricks to access target networks. The techniques used by Scattered Spider replicate those used by other successful actors, such as Lapsus$. Social engineering does not require a lot of technical tools; creativity is key, and defenses have a hard time keeping up with the techniques used by these threat actors.

To reposition cybersecurity as a strategic, business-critical investment, CFOs and CISOs play a critical role in articulating the significant ROI that robust security measures can deliver.

An ongoing AitM campaign by the infamous Moscow-sponsored cyber-threat actor has widened its scope, dropping the dangerous ApolloShadow custom backdoor malware thanks to lawful intercept systems.

Following a number of high-profile security and development issues surrounding the use of LLMs and GenAI to code and create applications, it's worth taking a temperature check to ask: Is this technology ready for prime time?

The lesson from the breach is not just about what went wrong — but what could have gone right.

Dark Reading Confidential Episode 8: Federal funding for the CVE Program expires in April 2026, and a trio of experts agree the industry isn't doing enough to deal with the looming crisis. Bugcrowd's Trey Ford, expert Adam Shostack, and CVE historian Brian Martin sit down with Dark Reading to help us figure out what a "good" future of the CVE Program would look like and how to get there.