• All Articles
• Who We Are

Security news that informs and inspires

SEARCH

Social-engineering

Security Basics Prove Highly Effective at Stopping Account Takeovers

New Google research on account takeovers found that basic account hygiene can defeat the vast majority of attacks.

By Dennis Fisher

WhatsApp

WhatsApp Flaw Used in Targeted, Not Widespread, Attacks

A WhatsApp vulnerability has reportedly been used in highly targeted attacks to install spyware on victims' phones.

By Dennis Fisher

Data Breaches

Stack Overflow Updates Breach Advisory With More Details

Kudos to Stack Overflow, for promptly notifying users as soon as it identified a breach and posting an update with more details...

By Fahmida Y. Rashid

Hardware

Intel, Tech Giants Release Updates to Fix New Chip Flaws

Like the earlier Meltdown and Spectre class of bugs, the new side-channel attacks ZombieLoad, RIDL, and Fallout take advantage...

By Fahmida Y. Rashid

Privacy

Firefox Now Blocks Cryptominers and Fingerprinters

In Firefox 67, Mozilla has moved to block cryptominers and browser fingerprinters, which track users across the web.

By Dennis Fisher

Microsoft

Microsoft Patches Legacy Windows to Prevent Worms

End-of-life doesn’t mean no longer a threat. Microsoft decided to release security updates for no longer supported Windows 2003...

By Fahmida Y. Rashid

Podcast

Decipher Podcast: Daniel Gruss

Dennis Fisher talks with Daniel Gruss of TU Graz about the Zombiload attack on Intel processors.

By Dennis Fisher

TLS

Attackers Are Hiding By Tampering With Encrypted Web Traffic

Attackers are increasing their use of "cipher stunting," a technique that randomizes their SSL/TLS signatures, to obscure the...

By Fahmida Y. Rashid

Data Breaches

Code Repository Companies Pledge to Share Attack Data

Atlassian, GitHub, and GitLab pledged to continue the information sharing relationship they started while investigating the...

By Fahmida Y. Rashid

Dennis Has Some Questions About...Passwords

Dennis Has Some Questions About…Passwords

People love to hate passwords and most of us aren't very good at creating and remembering them. But we still need them so...

By Dennis Fisher

Malware

FIN7 Attackers Still in the Water

The FIN7 attack group is still alive and well, despite arrests of some alleged members and intense attention from researchers...

By Dennis Fisher

Malware

DNSpionage Attackers Deploying New Karkoff Backdoor

The DNSpionage attack group is now using a new backdoor called Karkoff, which may have ties to the OilRig leaks as well.

By Dennis Fisher

Malware

U.S.-Based Malware Hosting Setup Possibly Tied to Necurs Botnet

Bromium researchers have been tracking a phishing and malware campaign, possibly linked to the Necurs botnet, that uses...

By Dennis Fisher