All Articles

Browse by Category:

Browse by Tag:

Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware

2228 articles:

Linux Distributions Impacted By High-Severity Glibc Bug

The high-severity flaw (CVE-2023-4911), which was introduced in glibc version 2.34, exists in glibc’s dynamic loader.

Linux

Clues Point to Ongoing Campaign From Qakbot Threat Actors

Researchers have discovered clues that may indicate that the Qakbot threat actors are still active.

Qakbot

Decipher Podcast: Alessio Setaro

Alessio Setaro, CISO of Leroy Merlin Italy, joins Dennis Fisher to talk about his path to becoming a CISO, the challenges of breaking down silos in an organization, and why security is a people-first challenge.

Podcast

Serious Flaws Found in Supermicro BMC Firmware

Researchers have identified seven serious flaws in the BMC firmware on many Supermicro motherboards that can lead to complete compromise of vulnerable servers.

Hardware

Atlassian Fixes Zero Day in Confluence

Atlassian has released fixes for a zero day in its popular Confluence Server and Data Center products.

Atlassian

Researchers Track Exploitation of Critical WS_FTP Flaw

Exploitation has been observed in the wild for a critical flaw in the file transfer server from the MOVEit Transfer maker.

Exploit

Time-to-Exploit: What It Means and Why It’s Going Down

The average time that it takes threat actors to exploit vulnerabilities - either prior to or after their public disclosure - is going down.

Zero Day, Exploit

FBI: Ransomware Actors Launching ‘Dual’ Attacks

Threat actors have deployed two different ransomware variants against victims, including AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum and Roya.

Fbi

Critical Flaw Patched in Progress File Transfer Server

Progress Software has fixed a critical pre-authentication remote code execution bug in its WS_FTP Server product.

Progress Software

Decipher Podcast: Source Code 9/29

Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.

Source Code, Podcast

Google Issues Fix For High-Severity Chrome Zero Day

The flaw is the second Chrome zero day fixed by Google this month.

Google

MOVEit Bug’s Ripple Effect Still Unfolding

The full impact of the flaw is still being mapped out, but current estimates show that 2,120 organizations have been impacted by MoveIT Transfer exploits - resulting in the data of at least 62 million individuals being compromised.

Moveit

‘Marriages of Convenience’ Between State Actors and Cybercriminals Provide Cover for Both

U.S. authorities warn that cooperative efforts between state-sponsored actors and cybercrime groups make life more difficult for defenders and law enforcement.

Government, Ransomware

TeamCity Users Urged to Apply Fix For Critical Flaw

Software development company JetBrains is urging customers to apply updates that fix a critical-severity authentication bypass flaw in the TeamCity CI/CD server.

Patch

Pair of Serious Flaws Patched in BIND 9

A pair of serious vulnerabilities have been fixed in the widely deployed BIND 9 DNS server.

DNS