Security news that informs and inspires

All Articles

2224 articles:

Sandworm Group Shifts to Espionage Attacks, Hacktivist Personas

Recent activity by the well-known Sandworm group - which researchers with Mandiant have started calling APT44 - relies on a mix of espionage efforts and hacktivist personas.

APT

UnitedHealth Took $872M Hit From Change Cyberattack

UnitedHealth Group reports that the Change Healthcare ransomware attack has had an $872 million financial hit on its business, so far.

Ransomware

Critical Crypto Bug Fixed in PuTTY

Many versions of the PuTTY client have a weakness that can generate biased ECDSA nonces and enable an attacker to eventually recover private encryption keys.

Encryption

CISA Warns of Sisense Breach

CISA is warning of a customer data breach at Sisense, a provider of business data analytics platforms, but the details of the incident are scarce still.

Sisense

Palo Alto Networks Discloses Critical PAN-OS Zero Day

The flaw is being exploited in the wild, and no patches will be available until Sunday.

Zero Day

CISA Emergency Directive Orders Mitigations After Microsoft Breach

The U.S. government has made public an emergency directive that it issued last week for federal agencies, ordering them to take various mitigation measures after Microsoft's compromise last year.

Microsoft

Microsoft Patch Tuesday Update Fixes Actively Exploited Flaws

Microsoft has issued over 147 patches in its largest patch Tuesday release since 2017, including fixes for two actively exploited vulnerabilities.

Patch Tuesday

Memory Safe: Sherrod DeGrippo

In this week’s Memory Safe episode, Sherrod DeGrippo of Microsoft talks about her first experiences with hacker culture, why a Stanley Kubrik movie shows a glimpse of what AI is, and how she makes sure that “threat intelligence hits the right note.”

Memory Safe

SAP Fixes Three High-Severity Flaws

The most severe flaw stems from password requirements not being checked in some features of SAP’s NetWeaver Java User Management Engine.

Vulnerability

Hospital IT Help Desks Hit With Social Engineering Attacks

The U.S. Department of Health and Human Services is warning of "sophisticated" social engineering attacks on hospital IT help desks that aim to gain access to employees' email accounts.

Healthcare

New Starry Addax Threat Actor Targets Victims With Android Malware

A newly identified threat group known as Starry Addax is targeting human rights activists and others in western Africa with novel Android malware called FlexStarling.

Malware

3 Things We Still Don’t Know About the XZ Backdoor

The XZ Utils backdoor was a very subtle operation that took several years to pull off, and while some of the technical details are known, there is plenty we still don't know. Dennis Fisher and Lindsey O'Donnell-Welch talk about the unknowns and what if anything could have been done to prevent this from happening.

Open Source Security, XZ Backdoor

Ivanti Patches New Flaws as Exploits Continue Against Older Ones

Ivanti has released patches for four new vulnerabilities in its Connect Secure and Policy Secure appliances, as Mandiant said it has seen eight separate groups exploiting some older flaws in those devices.

China, Ivanti

New Malware Emerges With IcedID Links

Researchers believe that the new malware, likely created by IcedID developers, will become increasingly used by threat actors across the landscape.

Malware

Post-Disruption, LockBit’s Reputational Damage Key

Law enforcement efforts to sow distrust and hit LockBit’s brand have had arguably the biggest impact on undermining the ransomware-as-a-service model behind the group.

Ransomware