Finding the right balance between encouraging innovation within development teams and securing the software supply chain remains a challenge for federal agencies, according to the acting chief information officer of the IRS.

Ukrainian hacker group Cyber Resistance, aka Ukrainian Cyber Alliance, has claimed to have hacked the email, social media, and personal accounts of Russian GRU officer Lieutenant Colonel Sergey Alexandrovich Morgachev, the leader of APT28.

Companies across the world are taking measures to regulate how their employees use OpenAI’s ChatGPT at work. As with all new technologies, generative AI models like ChatGPT can be a source of both benefits and risks.

The total number of vulnerabilities patched this month is significantly smaller than in February and March, when the industrial giants addressed roughly 100 security issues.

When opened, it displays an image instructing the user to enable Word’s macro code execution to reveal information supposedly protected by M.E. Doc (My Electronic Document).

The Belgium Anti-Phishing Shield (BAPS) has prevented a staggering 14 million clicks to suspicious websites in 2022, thanks to the unique collaboration between the Centre for Cybersecurity Belgium (CCB) and the general public.

An expanded data breach definition and the telcos’ desire to link notifications to “concrete harm” are among the most controversial aspects of the proposed FCC data breach reporting rules.

A design flaw in Microsoft Azure – that shared key authorization is enabled by default when creating storage accounts – could give attackers full access to your environment, according to Orca Security researchers.

The Australian open-source intelligence (OSINT) software company has closed its Series A funding round with almost US$20 million raised to fuel its expansion and service contracts in key markets.

Multiple advisories have been released by the CISA covering bugs found in ICS and SCADA software from several vendors including Rockwell Automation, Hitachi Energy, JTEKT Electronics, Korenix, mySCADA Technologies, and Industrial Control Links. ScadaFlex II series controllers by Industrial Control Links suffered a critical bug with a CVSS score of 9.1, enabling attackers to modify, […]