Security Bulletin

Dark Reading's roundup of strategic cyber-operations insights for chief information security officers and security leaders. Also this week: SEC enforcement actions, biometrics regulation, and painful encryption changes in the pike.

Lack of AI model visibility and security puts the software supply chain security problem on steroids.

Stolen data from Chunghwa Telecom — including government-related details — are up for sale on the Dark Web, the Taiwanese defense ministry confirms.

The National Institute of Standards and Technology (NIST) has revised the book on creating a comprehensive cybersecurity program that aims to help organizations of every size be more secure. Here's where to start putting the changes into action.

Avast researchers say North Korean APT has developed a new, stealthier rootkit and appears poised to continue enhancements.

A sophisticated threat actor using an MO similar to Scattered Spider is camouflaging itself with convincing impersonation techniques in targeted attacks.

A growing thicket of privacy laws regulating biometrics is aimed at protecting consumers amid increasing cloud breaches and AI-created deepfakes. But for businesses that handle biometric data, staying compliant is easier said than done.

The better a security team works together, the bigger the direct impact on how well it can protect the organization.

This year, the team was tapped to build a similar team to support the Cisco Live Melbourne 2023 conference. This report serves as a summary of the design, deployment, and operation of the network, as well some of the more interesting findings from...

The Commerce Department is going to open an investigation into the national security risks posed by connected vehicles and similar technologies that are made in China and other countries of concern.

Cisco released security advisories to address vulnerabilities affecting Cisco NX-OS Softwar e. A cyber threat actor could exploit one of these vulnerabilities to cause a denial-of-service condition. CISA encourages users and administrators to review...

Golden Corral, a prominent American restaurant chain known for its all-you-can-eat buffet and grill, revealed a significant data breach following an August cyberattack.