A study on CIO and CISO prioritization showed these two areas are most important this year. Cloud security is another area high on their lists.

Two breaches of the audio-based social media app reinforce privacy, security concerns.

The attack began with a successful phishing email.

Yet another state has introduced its own data privacy bill: The Oklahoma Computer Data Privacy Act would require organizations get consent before collecting and selling user data.

A stored cross-site scripting vulnerability in the iCloud website reportedly earned a security researcher $5,000.

APT31, a Chinese-affiliated threat group, copied a Microsoft Windows exploit previously used by the Equation Group, said researchers.

FireEye Mandiant says it discovered data stolen via flaw in Accellion FTA had landed on a Dark Web site associated with a known Russia-based threat group.

The FBI has warned that telephony denial-of-service attacks are taking aim at emergency dispatch centers, which could make it impossible to call for police, fire or ambulance services.

Most organizations don't give the same thought and attention to their non-human workers, such as bots, RPAs and service accounts, as they do human workers and identity lifecycles.

Almost four of every five attacks attributed in 2020 were conducted by cybercriminal groups, a significant jump from 2019, with attacks on healthcare or using the pandemic rising fast.

APT31 cloned and reused a Windows-based hacking tool for years before Microsoft patched the vulnerability, researchers report.