Security news that informs and inspires

All Articles

1235 articles:

Researcher Discovers Private Keys to Decrypt Rogue Cobalt Strike Beacon Communications

Didier Stevens has discovered several shared keypairs used by rogue Cobalt Strike implementations used by malicious actors.

Ransomware

TodayZoo Phishing Kit Used to Swipe Microsoft Credentials

Microsoft researchers said TodayZoo, used for a massive campaign aimed at stealing victims’ credentials, was pieced together from an old phishing kit template.

Phishing, Phishing Kits, Phishing Scams

Decipher Podcast: Courtney Nash

Courtney Nash of Verica joins Dennis Fisher to talk about the new Verica Open Incident Database, which centralizes reports of software outages, security incidents, and near misses, and why studying the way systems fail is so valuable.

Podcast

U.S. Export Controls Crack Down on Surveillance Tools

A newly proposed interim final rule is the result of 2017 negotiations as part of the Wassenaar Arrangement after initial export rules were met with criticism.

Surveillance, Hacking Methods, Government Agencies

Google Disrupts Cookie Theft Malware Attacks

Google researchers point to a resurgence in a decades-old session hijacking tactic, as seen in a recent phishing campaign.

Malware, Browser Security, Admin Session Hijacks

New TA551 Email Campaign Installs Sliver Red-Team Tool

A new email hijacking campaign by the TA551 attack group is installing the legitimate Sliver red-team tool as a payload, possibly for use in future ransomware operations.

Malware, Ransomware

BlackMatter Ransomware Actors Targeting Critical Infrastructure

The BlackMatter ransomware operators are targeting critical infrastructure operators in the U.S., including food suppliers.

Ransomware, Government

Q&A: Genevieve Stark and Joshua Shilko

Mandiant threat intelligence researchers give Decipher editor Lindsey O'Donnell-Welch a behind-the-scenes look at how they began tracking recently discovered ransomware group FIN12 - and what's next for the group.

Ransomware

Telecom Firms Compromised in LightBasin Cyberattacks

A well-known attack group has compromised at least 13 telecommunications organizations since 2019, relying on custom toolsets and a novel C2 persistence method.

Cybercrime, Telecommunications, Cyberattack

Ransomware Groups Hit Three Wastewater Facilities This Year

Ransomware actors hist three wastewater facilities in the U.S. in the last few months, accessing SCADA devices and disrupting operations, CISA said.

Government, Critical Infrastructure, Ransomware

FinCEN Warns of Evolving Ransomware Money Laundering Efforts

A Financial Crimes Enforcement Network (FinCEN) report showed cybercriminals switching up their money laundering efforts, in order to avoid detection by law enforcement.

Ransomware, Financial Services, Finance Security

Peering Into the VOID for Better Data

The Verica Open Incident Database (VOID) provides a collection of reports on software outages, security incidents, and near misses to enable analysis of common causes and resolutions.

Data Science

Security Challenges, Ransomware Attacks Plague School Districts

A slew of ransomware attacks is causing government officials to consider the resources needed to secure school district networks.

Education, Education Data Breach, Security Education, Ransomware

Collaboration Seen as Key to Defending Critical Infrastructure

Top officials from NSA and CISA say collaborative defense is the key to countering threats to the critical infrastructure.

Government, Ransomware

APT35 Goes on Phishing Offensive With New Tricks

APT35 attackers are using a new technique in their phishing attacks, which leverages a function from Telegram.

Phishing, Apt35, Google