Dark Reading

Mandiant researchers identify a range of victims affected in attacks targeting newly reported Microsoft Exchange Server vulnerabilities.

Rob Lefferts, corporate vice president for Microsoft 365 Security in Security and Compliance, explains the company's approach to keeping its customers and the industry apprised and updated on its findings from the now-infamous attack.

These common human traits are the basic ingredients in the con-man's recipe for trickery.

Patch management and testing are different, exactly the same, and completely out of hand. Here are tips from the experts on how to wrangle patches in a time of malicious software updates.

On International Women's Day 2021, gender diversity has improved in cybersecurity, but there is still a long way to go.

If you haven't already, it's time to build trust relationships with your financial institutions, using strong security, privacy protections and secure, unique user credentials.

Business-related applications like those from Microsoft, Zoom, and DocuSign are most often impersonated in brand phishing attacks.

Interest in vaccines is driving all sorts of activity, reports say, from vaccine-specific phishing to growing bot traffic on healthcare sites.

Newly discovered tools were designed for late-stage use after the attackers had already established a relatively firm presence on a breached network, vendors say.

Justice officials claim antivirus founder and associate fraudulently promoted altcoins via Twitter.

The enterprise of the future will depend upon organizations' ability to extend the company firewall to everywhere people are working.

Criminals text or email photos of fake government identification badges to trick people into sending money.

Security vendor confirms attackers exploited a previously disclosed vulnerability in the enterprise firewall technology to breach its network.

The red team draws attention, but the blue team has the expertise to keep networks secure day in and day out.

Internal research and external bug-bounty programs combined to discover the vast majority of reported security issues in the company's software.

The attacks seem more widespread than initially reported, researchers say, and a look at why the Microsoft Exchange Server zero-days patched this week are so dangerous.

Internal research and external bug-bounty programs combined to discover the vast majority of reported security issues in the company's software.

The deal, valued at $6.5 billion, will bring together competitors in the identity management space.

The US Department of Homeland Security agency's new emergency directive comes in the wake of major zero-day attacks on email servers revealed by Microsoft this week.