Unit 42 said social engineering — the method of choice for groups as diverse as Scattered Spider and North Korean tech workers — was the top initial…

The deal is a further example of tech market consolidation and positioning to guard against threats to enterprise AI systems.

Attackers have already used the exploit dubbed “ToolShell” to intrude hundreds of organizations globally, including private companies and government agencies.

Wild variances in naming taxonomies aren’t going away, but a new initiative from the security vendors aims to more publicly address obvious overlap in threat group attribution.

The letter to Senate Homeland Security and Governmental Affairs Committee leaders comes shortly before they consider his nomination.

The network security device vendor is making a regular appearance on CISA’s known exploited vulnerabilities catalog. Unlike its competitors, SonicWall hasn’t signed the secure-by-design pledge.

Top security leaders at some of the largest tech and cybersecurity vendors said public-private collaborative work continues, despite budget cuts and personnel changes.

Mandiant said exploits were the most common initial access vector last year, linking software defects to 1 in 3 attacks. The most commonly exploited vulnerabilities affected network…

Exploited vulnerabilities have turned up in Ivanti products 16 times since 2024. That’s more than any other vendor in the network edge device space.

AWS, Microsoft Azure and Google Cloud Platform each scored 0% security effectiveness in CyberRatings.org’s evaluation of cloud network firewall vendors’ ability to prevent exploits and evasions.