Security news that informs and inspires

All Articles

763 articles:

Decipher Library: First Edition

We've put together a list of security and privacy related book recommendations from people across the industry, from technical manuals to histories to cyberpunk fiction.

Books, Ciso, Privacy

Magecart Sets Sights on the SMB

The prolific Magecart group continues to evolve its attack techniques as it uses new skimmer code to steal payment card numbers from the websites of small- and medium-sized businesses, RiskIQ researchers found.

Magecart, Cybercrime, Ecommerce Security

Long Campaign Compromises MS-SQL Servers by the Thousands

An attacker based in China has been compromising thousands of MS-SQL servers for nearly two years.

Microsoft

Washington Is First State to Regulate Facial Recognition

As the first state with with a law regulating how government agencies can use facial recognition software, Washington provides other states with a blueprint on how—and how not to—tackle the security and privacy questions around the technology.

Facial Recognition, Privacy

Cloudflare Releases Warp Beta for Windows and macOS

The Cloudflare Warp security service is now available in beta for Windows and macOS, a year after the app became available for iOS and Android.

Vpn

Marriott Discloses New Data Breach

Marriott says 5.2 million customers may be affected by a new data breach disclosed today.

Data Breaches

Decipher Podcast: Rich Mogull

Rich Mogull, CEO of Securosis and a longtime paramedic and disaster medic, joins Dennis Fisher to discuss the mindsets required to prepare for and respond to both physical disasters and security incidents.

Podcast

EFF Says Privacy Loopholes Remain in CCPA

California is expected to begin enforcing its new consumer privacy law starting July 1, but the Electronic Frontier Foundation is concerned about all the loopholes that still remain.

Privacy, Government

WireGuard VPN Added to Linux Kernel

The WireGuard VPN is now a default part of the Linux 5.6 kernel.

Privacy, Linux

The Short, Unhappy Lives of Five Zero Days

Google's Threat Analysis Group discovered one attacker exploiting five separate zero days in several applications last year, a highly unusual attack pattern.

Google, Phishing

Attackers Target Home Routers With DNS-Changing Hack

Attackers are compromising home routers and changing the DNS settings to redirect victims to a site serving malware.

Malware

Give IT a Break from Software Updates

Microsoft said it will pause non-security Windows updates beginning in May as part of its plan to reduce the update pressure on IT and security teams, as they are busy keeping organizations operational during the COVID-19 pandemic. Other software companies are adjusting their release schedules, recognizing that IT and security teams are currently stretched thin.

Appsec, Application Security, Appdev, Ciso, Patch

APT41 Campaign Targeted Companies in 20 Countries

APT41, an attack group connected to China, has been running a broad campaign using public exploits and flaws to target companies in 20 countries.

Apt

California, NY Consumer Privacy Laws Protect Data from Misuse

Organizations collecting and maintaining personal information about California and New York residents should be paying attention as the data security element of New York's SHIELD Act goes into effect and the California Attorney General releases a second set of modifications on regulations on implementing CCPA.

Data Privacy

Insurers See Ransomware Claims More Than Double

Ransomware attacks are on the rise, and the in-house breach investigations team at insurance company Beazley Group said there were 131 percent more ransomware attacks against its customers in 2019 than was in 2018. The spike in attacks were most evident in healthcare, professional services, and financial services.

Ransomware, Cybersecurity Insurance