Автор: Nate Nelson, Contributing Writer

Invisible authentication mechanisms in Microsoft allow any attacker to escalate from privileged to super-duper privileged in cloud environments, paving the way for complete takeover.

Everyone expected some kind of cyberattack during the Olympics. If this is the best they’ve got, the bad guys don’t deserve a spot on the podium.

In the cloud, patches disseminate automatically. On your computer, you get notified. IoT devices, meanwhile, can escape attention for years on end.

The runaway success of an upstart ransomware outfit called "Dark Angels" may well influence the cyberattack landscape for years to come.

A simple toggle in Proofpoint’s email service allowed for brand impersonation at an industrial scale. It prompts the question: Are secure email gateways (SEGs) secure enough?

Law firms make the perfect target for extortion, so it’s no wonder that ransomware attackers target them and demand multimillion dollar ransoms.

Significant upcoming legislation promises to tighten the screws on cyber incident response in Australia, mirroring CIRCIA in the US.

With sufficient privileges in Active Directory, attackers only have to create an "ESX Admins" group in the targeted domain and add a user to it.

The campaign is laser-targeted, bucking the trend of "spray-and-pray" malicious open source packages turning up in code repositories seemingly every other day.

Phishing and fraud surges during any national news story. This time though, the activity is both more voluminous and more targeted.