Eclypsium has discovered four vulnerabilities that impact 128 Dell device models, and an estimated 30 million individual devices, that allow threat actors to remotely execute code in a pre-boot environment, according to new research released today.

New consumer privacy laws and innovative fraudsters have given security professionals much to do in a supercharged digital economy. As our digital footprints widen, bad actors are finding increasingly sophisticated ways to access troves of personal information and sensitive data.

Lamont Orange, Netskope's Chief Information Security Officer (CISO), talks to Security magazine about how to foster a security-first culture with Security Access Service Edge (SASE) adoption.

The National Institute of Standards and Technology (NIST) has published a new draft on ransomware guidance for organizations.

In an effort to counter the often pernicious effect of biases in artificial intelligence (AI) that can damage people’s lives and public trust in AI, the National Institute of Standards and Technology (NIST) is advancing an approach for identifying and managing these biases — and  is requesting the public’s help in improving it. 

The Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) says the 2020 SolarWinds supply chain cybersecurity compromise could have been prevented with a decade-old security recommendation. 

USB-based threats that can severely impact business operations increased significantly during a disruptive year when the usage of removable media and network connectivity also grew, according to a report by Honeywell.

WhiteHat Security published their latest installment of the AppSec Stats Flash report and podcast, surveying the current state of the application security and wider threat landscape.

Most IT leaders believe that ransomware attacks will be a greater concern in a hybrid workplace, with legal firms and healthcare organizations particularly concerned about this threat, according to a new Tessian report.