New ZeroCleare Wiper Malware Used in Targeted Attacks
The new ZeroCleare malware has been used in destructive attacks against energy companies in the Middle East.
SEARCH
Contract for Web Can’t Fix Privacy Problems If Security Isn’t Included
As the inventor of the World Wide Web, Tim Berners-Lee proposed the [Contract for the Web](https://contractfortheweb.org/) as a...
Linux Flaw Allows VPN Hijacking
A vulnerability in many Linux distributions, as well as Android and iOS, can allow an attacker to hijack VPN connections in...
Open Source Flan Scan Combines Nmap with Vulnerability Scanning
Cloudflare has open sourced Flan Scan, a “lightweight” network vulnerability scanner that it uses in-house to help identify...
StrandHogg Bug Plagues Android
Many versions of Android, including Android 10, have a weakness dubbed StrandHogg that can lead to credential phishing and...
A Sovereign Internet Will Not Combat Cybercrime
The United Nations General Assembly will vote on a Russia- and China-backed resolution that claims to give governments tools to...
NIST Developing Hardware Security Guidelines for Enterprises
The federal government's technical standards body is working on best practices for verifying the security and integrity of...
Decipher Podcast: Brian Donohue
Brian Donohue of Red Canary joins Dennis Fisher to discuss the news and insights from Cyberwarcon.
Congress Proposes a Promising New Privacy Bill
The ranking Democrat on a Senate Commerce Committee has unveiled a new digital privacy bill that would strengthen the FTC’s...
Dennis Has Some Questions About…2FA
Two-factor authentication is a vital part of many corporate security strategies, and is now offered by lots of consumer apps,...
AWS Adds New Protections Against SSRF, Other Web App Attacks
The new AWS IMDSv2 security feature mitigates common attacks that take advantage of SSRF, open WAFs, and open layer 3 firewalls.
AWS Promises to Scan for Misconfigured Servers
Amazon Web Services will now scan customer environments for potentially misconfigured servers in the wake of Capital One's data...
Capital One Breach Does Not Mean the Cloud is Insecure
Financial services organizations and many other enterprises have hesitated to go all in the cloud, citing concerns about...
