An anonymous hooded figure consisting of binary code stands in a virtual corridor of circuits.

What happened to the Lapsus$ hackers?

Despite using methods that are "bold, illogical, and poorly thought out, Lapsus$ has successfully breached companies like Microsoft, Vodafone and Nvidia.

cso security hack breach identity infiltrate gettyimages 653137674 by solarseven 2400x1600px

Cisco admits hack on IT network, links attacker to LAPSUS$ threat group

Cisco says an employee’s credentials were compromised after an attacker gained control of a personal Google account.

lies that people tell themselves pinocchio liar lying by malerapaso getty

How a Venezuelan disinformation campaign swayed voters in Colombia

A Black Hat presentation explains how Russia-aligned Venezuela influenced the presidential election in Columbia to its political benefit.


ransomware attack

Black Basta: New ransomware threat aiming for the big league

The Black Basta ransomware gang has reached a high level of success in a short time and is possibly an offshoot of Conti and REvil.

Delivering frictionless customer experiences while safeguarding data security

Kisume, 175 Flinders Lane, Melbourne

During this roundtable, you will have the opportunity to discuss how to enhance your customers’ experience across all channels while keeping their personal data as secure. We will focus on customer identity and access management (CIAM) and the avenues available to create frictionless experiences. The discussion will include but not be limited to: Why CIOs, CISOs, and technology leaders are taking on a heightened role in shaping the digital customer experience > Effectively managing the relationship between data security and the Consumer Data Right (CDR) > Effective techniques for leveraging customer identity and orchestration to foster collaboration > How to optimise security for users without sacrificing the convenience they expect > Best practices for streamlining the digital experience to deliver business impact and effective ways to measure success > The pursuit of passwordless authentication methods

cloud security

Sensitive data in the cloud gets new automated remediation tool from BigID

An automated watchdog designed to keep private files in cloud storage secure is now available for Google Drive users, from data intelligence and management company BigID.


Microsoft urges Windows users to run patch for DogWalk zero-day exploit

Despite previously claiming the DogWalk vulnerability did not constitute a security issue, Microsoft has now released a patch to stop attackers from actively exploiting the vulnerability.

Security system alert, warning of a cyberattack.

CrowdStrike adds AI-powered indicators of attack to Falcon platform

The new feature leverages millions of examples of malicious activity to more accurately identify signs of an attack.

A laptop displays binary code and the flag of China.

Chinese APT group uses multiple backdoors in attacks on military and research organizations

The TA428 group has been successful by targeting known vulnerabilities and using known detection evasion techniques.

Industry 4.0 / Industrial IoT / Smart Factory

OPSWAT launches new malware analysis capabilities for ICS, OT networks

Critical infrastructure cybersecurity vendor enhances its MetaDefender Malware Analyzer platform to map malware to the MITRE ATT&CK Industrial Control Systems framework.


A shoe about to step on a banana peel, stopped by a small superhero.

How harm reduction can more effectively reduce employee risky behavior

Black Hat speaker proposes framework to reduce the negative consequences of risky user actions and encourage them to follow security's advice.

Printer / printing  >  network / deployment / connectivity / security.

8 tips to secure printers on your network

Printers are essentially computers attached to your network and should be protected accordingly. Here's how.

Conceptual images of an executive as she walks the path forward into the light.

7 best reasons to be a CISO

The role of the CISO has its challenges, but these positives are what people in the role say make it all worthwhile.

Conceptual image of three figures running toward a goal, along trend lines drawn by a large hand.

How OKRs keep security programs on track

This goal-setting framework can help security teams stay focused on priorities, but success requires a commitment to implementing supporting practices.


Ransomware, email compromise are top security threats, but deepfakes increase

While ransomware and business email compromise are leading causes of cybersecurity threats, geopolitics and deepfakes play an increasing role, according to reports from VMware and Palo Alto.