Security news that informs and inspires

All Articles

2202 articles:

U.S. Offers Reward For BlackCat Ransomware Group Intel

The U.S. government is looking for more information about the individuals affiliated with the BlackCat ransomware group, which was behind the Change Healthcare attack.

Ransomware

Organizations Grapple With Identity Pain Points

Cisco's 2024 Cybersecurity Readiness Index showed that 36 percent of respondents ranked identity protection as a major challenge.

Identity

The Unique AI Cybersecurity Challenges in the Financial Sector

A new report by the Treasury Department looks at both the challenges and the opportunities when it comes to AI and cybersecurity in the financial sector.

AI

Google: Zero-Day Attacks Surged in 2023

Google reported that 97 flaws were exploited in the wild in 2023, up 50 percent from the number of zero-day attacks recorded in 2022.

Zero Day

Decipher Podcast: Jack Cable

Jack Cable, senior technical advisor at the Cybersecurity and Infrastructure Security Agency (CISA), talks about his past experiences with bug bounty programs, CISA’s Secure By Design initiative and its efforts to help secure the open-source software ecosystem.

Podcast

Critical Fortinet Flaw Now Actively Exploited

Fortinet earlier this month disclosed and issued a patch for the flaw (CVE-2023-48788), which exists in FortiClientEMS, its central management solution for endpoints.

Fortinet

U.S. Sanctions, Indicts Alleged Members of Chinese APT31

The U.S. has announced sanctions against a Chinese state-backed company and two individuals, as well as indictments against seven people alleged to part of China's APT31 threat group.

China

APT29 Phishing Attack Targets German Political Parties

Researchers observed APT29 using phishing emails in order to target German political parties with a new backdoor variant in late February.

Apt29

Q&A: Karen Habercoss

Karen Habercoss, chief privacy officer with UChicago Medicine, talks to Decipher about the unique data privacy and security challenges that the healthcare sector faces, and how organizations in this industry are approaching areas like AI and identity management.

AI, Identity Management, Healthcare

Ransomware, Backdoors Deployed in JetBrains Flaw Attacks

Researchers released further details about exploitation campaigns targeting the critical-severity JetBrains flaw.

Ransomware

TinyTurla-NG Backdoor Has Big Capabilities

New research shows the TinyTurla-NG backdoor uses the Chisel open-source attack framework for some communications and has a variety of post-compromise capabilities.

Russia

Threat Actor Exploits F5, ConnectWise Flaws to Target U.S. Orgs

A threat actor has been observed exploiting various previously disclosed flaws to gain access to various U.S. governments and research organizations.

Exploit

Ivanti Patches Critical RCE Standalone Sentry Flaw

At the time of disclosure, Ivanti said it is not currently aware of the flaw being exploited.

Vulnerability

U.S. Government Doubles Down on Chinese APT Warnings

“The PRC’s inside the house,” said Andrew Scott, associate director for China operations with the U.S. Cybersecurity and Infrastructure Security Agency (CISA).

China

New AcidPour Wiper Malware Found in Ukraine

SentinelLabs researchers have discovered a new wiper malware called AcidPour in Ukraine, which appears to be a new version of the AcidRain malware.

Russia, Malware