New revelations from the investigation into the SEC's Twitter account compromise reveal that it stemmed from a SIM swapping attack and that MFA had been disabled on the account.
Apple has fixed a actively exploited WebKit bug (CVE-2024-23222) in iOS and macOS. and added a new security feature called Stolen Device Protection.
CISA said its new emergency directive for Ivanti zero-days is “based on widespread exploitation of vulnerabilities by multiple threat actors."
Threat actors exploited a critical-severity VMware flaw for almost two years before patches were released in October.
Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.
The Russian APT known as COLDRIVER is using a new backdoor called SPICA in phishing campaigns against NGOs and governments.
Flaws in Citrix NetScaler and ADC Gateway have historically been targeted by threat actors, though researchers don't believe the impact of these two bugs to match that of CitrixBleed.
In the latest Decipher Memory Safe episode, Casey Ellis, founder and CTO of Bugcrowd, talks about everything from imposter syndrome to the security concept of “building it like it’s broken.”
A new phishing campaign by a subset of the Iranian threat group Mint Sandstorm is targeting universities and research organizations with custom backdoors.
For patching, VMware said that "this situation qualifies as an emergency change."
The flaw (CVE-2023-7028) stems from the fact that user account password reset emails can be delivered to unverified email addresses.
An unidentified APT group is actively exploiting the two recently disclosed Ivanti Pulse Secure and Connect Secure vulnerabilities (CVE-2023-46805 and CVE-2024-21887).
A new Python-based hacking tool is leveraged by cybercriminals to target cloud and SaaS platforms, and payment services, like AWS, Office365, PayPal and Twilio.
Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.
Patches will be released starting Jan. 22, but until then Ivanti urges customers to apply mitigations.