Dragos published research Tuesday unveiling an industrial control systems-focused malware it dubbed FrostyGoop that targets Modbus to disrupt critical infrastructure.
SentinelOne published new research detailing NullBulge, an emerging ransomware actor that recently claimed to have stolen data from Disney’s internal Slack channels.
AT&T disclosed a breach in which threat actors compromised the company’s Snowflake instance and stole call and text records from ‘nearly all’ the company’s cellular customers.
Months after an international law enforcement effort disrupted the notorious ransomware-as-a-service operation, LockBit falsely claimed that it breached the U.S. Federal Reserve.
TeamViewer says a Russian state-sponsored threat actor known as Midnight Blizzard gained access to the company’s corporate network via compromised employee credentials.
Evolve Bank & Trust confirmed that it was affected by a cybersecurity-related incident, but has not yet said whether the LockBit ransomware gang was responsible.
The breach, which CISA first disclosed in March, stemmed from Ivanti zero-day vulnerabilities that a Chinese nation-state threat actor first exploited in January.
The Biden administration announced a ban on Kaspersky Lab products inside the United States due to the antivirus vendor’s ties with the Russian government.
Multiple Intel processors and hundreds of PC models are potentially vulnerable to a recently disclosed vulnerability in Phoenix SecureCore UEFI firmware.
In an interview, SentinelOne’s Alex Stamos discussed the importance of security by design and why it needs to be applied to emerging technologies, including generative AI.
Microsoft President Brad Smith testifies on a wide range of issues, including Chinese and Russian nation-state attacks, the controversial AI-powered Recall feature and more.
According to new threat research from Mandiant, UNC5537 conducted attacks against Snowflake database customers at least as early as April 14.
Microsoft disagreed with Tenable’s assessment, saying the security issue in Azure service tags is not a vulnerability and that additional authentication layers are required.
A threat actor tracked as UNC5537 is using stolen credentials against Snowflake database customers to conduct data theft and extortion attacks, cloud security firm Mitiga said.
While Check Point identified CVE-2024-24919 as the root cause behind recent attack attempts on its VPN products, it’s unclear if threat actors gained access to customer networks.
Check Point said threat actors were targeting a small number of customers by attempting to compromise local VPN accounts that only utilized passwords for authentication.
Cybersecurity vendors and public sector organizations heavily promoted the secure by design approach, particularly for generative AI tools and projects.
Google Threat Intelligence combines investigation findings from Mandiant with crowdsourced intelligence from VirusTotal and operationalizes the data with Google’s Gemini AI model.
IBM’s survey of C-suite executives finds that 82% say trustworthy and secure AI are essential, but only 24% have a security component included in their GenAI projects.
A threat actor accessed Dropbox Sign customer names, emails, hashed passwords, API keys, OAuth tokens, multifactor authentication information and other data.