Rob Wright

The Treasury Department disclosed a "major incident" in which threat actors breached its workstations through a compromised BeyondTrust API key.

AWS Security Incident Response, which is now generally available, has automated triage and remediation capabilities powered by machine learning technology.

AWS CISO Chris Betz outlined how Sonaris, MadPot and Mithra provide automated cybersecurity protections for customers.

Mandiant researchers shed more light on the exploitation activity against a zero-day vulnerability in Fortinet's FortiManager software.

Aqua Security researchers discovered a security issue related to AWS' CDK that jeopardizes customer accounts.

A Chinese research paper caused a stir within the infosec community, with claims that RSA encryption can be defeated with D-Wave quantum systems.

This 'Risk & Repeat' podcast discusses the first Microsoft SFI progress report and what it says about the state of SecOps.

Three Ivanti vulnerabilities have been exploited in the wild this month, though details about the attacks are scarce.

This episode of the Risk & Repeat podcast discusses policy updates Telegram made after the arrest of its founder and CEO Pavel Durov.

FBI director Chris Wray revealed that authorities took down a massive botnet run by a Chinese company named Integrity Technology Group.

A Windows spoofing flaw that Microsoft disclosed and fixed on Sept. 10 was actually exploited months ago as a zero-day vulnerability.

The White House introduced a plan to strengthen BGP security and eliminate hijacking attacks, misconfigurations and other threats.

A Chinese nation-state threat group known as Volt Typhoon exploited a Versa Director zero-day vulnerability in attacks against U.S. organizations.

GitHub on Aug. 14 launched Copilot Autofix, an AI-powered tool designed to automatically remediate vulnerabilities.

Aqua Security researchers showed at Black Hat 2024 how they found new AWS vulnerabilities and an attack method they call 'Bucket Monopoly.'

CrowdStrike's root cause analysis report on the defective channel file update shed additional light on the causes behind last month's mass IT outage.

CrowdStrike responded to comments from Delta Air Lines CEO Ed Bastian, who said the company would seek legal damages for last month's IT outage.

CrowdStrike customers grappling with blue screens of death from the recent IT outage may be able to sidestep BitLocker encryption schemes and recover their Windows systems.

A faulty update for CrowdStrike’s Falcon platform crashed customers’ Windows systems, causing outages at airlines, government agencies and other organizations across the globe.

SolarWinds and CISO Timothy Brown won a partial victory against the Securities and Exchange Commission's lawsuit as a judge dismissed many of the charges.