Security news that informs and inspires

All Articles

1587 articles:

CISA: Lazarus APT Targeting Blockchain Orgs With TraderTraitor Malware

The Lazarus APT group is targeting cryptocurrency and blockchain organizations with malware called TraderTraitor, warns the U.S. government.

Lazarus

Lenovo Releases Fixes For UEFI Firmware Flaws

Lenovo has released security advisories addressing a trio of flaws that impact dozens of laptop models.

Uefi, Lenovo

Decipher Podcast: Justine Bone

The medical industry is still facing an array of security challenges, but hospitals and healthcare providers are becoming more aware of the risks inherent in their environments.

Podcast, Medical Devices

Attackers Used Stolen OAuth Tokens to Download Private GitHub Repositories

A threat actor used stole OAuth tokens for third-party integrators Heroku and Travis-CI to access and download private GitHub repositories belonging to dozens of companies.

Github

Pegasus Spyware Operations Targeted UK Gov Officials, Catalans in Spain

Citizen Lab researchers disclosed two separate operations where the Pegasus spyware was deployed, including one against official UK government networks and another against 65 Catalan individuals in Spain.

Pegasus, Spyware

U.S. Gov Offers $5M Reward For North Korean Cybercrime Intel

The U.S. government is ramping up its pressure on North Korea-linked malicious cyber activity after a $600 million crypto-heist that was linked recently to the Lazarus Group.

Lazarus, Cryptocurrency

The Origin of Threat Groups: Scaling Out Operations

Threat groups are getting better at scaling out operations through affiliate relationships and partnerships.

Cybercrime

Regional U.S. Government Agency Hit With LockBit Ransomware

Researchers observed a "very messy attack" on a regional U.S. government agency where attackers lurked in the network for at least five months before ransomware was deployed.

Ransomware, Government Agencies

Spring Framework Flaw Exploited in Mirai Malware Attacks

The previously discovered RCE flaw in the Spring framework is being leveraged by attackers to deploy the Mirai botnet malware.

Mirai, Malware, Java

Decipher Podcast: Martin Roesch

Martin Roesch, CEO of Netography and creator of Snort and former CEO of Sourcefire, joins Dennis Fisher to talk about why he decided to come out of retirement and what the big challenges are for security right now.

Podcast

The Origin of Threat Groups: Setting the Foundation

The Conti leaks show how threat groups have refined the process of building out their resources, talent and infrastructure.

Cybercrime, Threat Actors

Decipher Podcast: Source Code 4/8

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Source Code

FIN7 Member Sentenced to Five Years in Jail

Denys Iarmak, 32, is the third member of the infamous FIN7 cybercrime group to be sentenced in the U.S.

Cybercrime

Meta Disrupts Two Iranian Threat Groups

Meta has disrupted the operations of two Iranian threat actors, including UNC788 and a previously unidentified group, that were using the company's platforms to target a wide range of victims.

Iran, Facebook

APT10 Espionage Attacks on U.S. Orgs Uncovered

A recent wide-ranging campaign shows how APT10 is broadening its victimology beyond Japanese organizations.

Apt, Malware