A hearing of the House Homeland Security panel’s cyber subcommittee weighed whether to designate data centers as a standalone critical infrastructure sector.

Researchers said attackers linked to Russia’s military intelligence agency have moved from vulnerability exploits to focus on poorly configured network edge devices to keep its access to…

A debate over actual exploitation is muddying response efforts. Multiple researchers say they’ve observed working proof of concepts while others assert evidence of attacks is lacking.

Okta thwarted the supply-chain attack with security controls it had in place. Zscaler did not. Their experiences provide insights into the root of a much broader problem.

The company said a threat actor accessed and snooped around its account for months, then stole OAuth tokens for Drift integrations from its cloud environment.

Researchers said Google Workspace customers were hit, and noted other platforms are impacted as well. Fresh evidence proves impact was not limited to Salesforce, as Salesloft previously…

A threat group Google tracks as UNC6395 systematically stole large amounts of data from Salesforce customer instances by using OAuth tokens stolen from Salesloft Drift, researchers said.

The DDoS botnet was among the most powerful on record, allegedly exceeding six terabits per second during its largest attack, authorities said. Victims are spread across 80…

The presentation Monday revises the old Spectre vulnerability in a new scenario, demonstrating there’s not enough focus on the danger.

Amazon CSO Stephen Schmidt says AI is transforming the way the company does security reviews and incident response.