Security news that informs and inspires

All Articles

1815 articles:

Prestige Ransomware Hits Targets in Ukraine and Poland

A new ransomware called Prestige has hit organizations in Poland and Ukraine using a variety of deployment methods.

Russia, Ukraine

Black Basta Uses Qakbot, Brute Ratel in Ransomware Attacks

Researchers said the attack kill chain is the first time they observed Brute Ratel being used as a second-stage payload via a Qakbot infection.


Attackers Exploiting Critical Fortinet Authentication Bypass

Mass exploitation of a new Fortinet authentication bypass flaw (CVE-2022-40684) is ongoing and proof of concept exploits are available.

Vulnerability, Fortinet

Decipher Podcast: Source Code 10/14

Welcome back to Source Code, Decipher’s weekly news wrap podcast.

Source Code, Podcast

Budworm Threat Group Attacks Reveal ‘Change in Focus’

The Budworm espionage group leveraged the Log4j flaw to target a number of high-value organizations worldwide, including an unnamed U.S.-based state legislature.


Google Rolls Out Support for Passkeys in Android and Chrome

Google is rolling out support for passkeys in Android and Chrome in a significant step toward passwordless authentication.

Passwords, Google

New Alchimist C2 Framework Emerges

Researchers at Cisco Talos have uncovered a new all-in-one C2 framework called Alchimist that has implants called Insekt for Windows and Linux.


Decipher Podcast: David Agranovich

David Agranovich, director of threat disruption with Meta, discusses how threat groups are evolving their targeting of social media platforms in malware and espionage campaigns.

Facebook, Podcast

Microsoft Fixes Actively Exploited Windows Privilege-Escalation Bug

Meanwhile, two exploited Exchange flaws that publicly emerged two weeks ago were not addressed in Microsoft’s update.

Microsoft, Patch Tuesday

Hardcoded Private Key Leads to Full Control of Some Siemens PLCs

A newly discovered flaw (CVE-2022-38465) in some Siemens S7 PLCs can allow an attacker to extract the hardcoded private key of the controller and gain complete control.

Ics, Siemens

Caffeine: A ‘Readily Accessible’ Phishing-as-a-Service Platform

Researchers said a new phishing-as-a-service platform features an entirely open registration process that makes it easier for cybercriminals to leverage.

Phishing, Phishing Kits

Q&A: Juan Andres Guerrero-Saade

Juan Andres Guerrero-Saade, senior director at SentinelLabs, discusses the newly discovered Metador APT group.


Log4j, ProxyLogon Among Top Flaws Exploited by Chinese Threat Groups

The NSA, FBI and CISA revealed the top CVEs exploited since 2020 by Chinese threat actors to gain initial access to sensitive networks.

Log4j, China

Researchers Warn of Unpatched, Actively Exploited Zimbra Flaw

Zimbra has published mitigations against the actively exploited flaw (CVE-2022-41352) in Zimbra Collaboration Suite; however, it has yet to issue a fix.

Zimbra, Vulnerability

Decipher Podcast: Source Code 10/7

Welcome back to Source Code, Decipher’s weekly news wrap podcast.

Podcast, Source Code