SEARCH
All Articles
Thunderspy Attack Underscores Existing Thunderbolt Security Issues
The new Thunderspy attack highlights a handful of shortcomings in the security model of the Thunderbolt chip used in many PCs.
GitHub Expands Scanning to Find Security Flaws in Code
The goal for secure software isn’t to never have vulnerabilities, but to be able to find vulnerabilities as soon as possible so that they can be fixed. GitHub has expanded its code scanning capabilities to make it easier for developers to identify flaws in projects that are managed on its platform.
Cisco Fixes Kerberos Authentication Bypass Bug in ASA Software
Cisco has patched a dangerous flaw in its Adaptive Security Appliance Software that could allow an attacker to bypass authentication when Kerberos is enabled.
CISA Warnings Highlight Myriad Security Threats
Over the past few days, the Cybersecurity and Infrastructure Security Agency has issued several alerts warning about nation-state actors targeting healthcare and medical research organizations, as well as ways organizations should protect their remote workforce.
Thousands of SaltStack Servers Patched, But Many Still Vulnerable
The number of servers vulnerable to the CVE-2020-11651 SaltStack flaw has dropped considerably, but several thousand are still unpatched.
GoDaddy Reports Breach of Customer Hosting Accounts
An attacker was able to access an undisclosed number of GoDaddy customers' hosting accounts using SSH connections.
SaltStack Flaw Used in Numerous Attacks
Attackers are exploiting the CVE-2020-11651 flaw in SaltStack Salt to install coinmining scripts on exposed servers.
Decipher Podcast: Andy Ellis
Akamai CSO Andy Ellis joins Dennis Fisher to talk about the security implications of moving thousands of employees worldwide to remote work.
Senators Plan COVID-19 Data Protection Bill
Four senators are planning to introduce the COVID-19 Data Protection Act to regulate the collection, use, and transfer of health and location data related to virus infections.
RDP Stays in Attackers’ Sights
There has been a sharp increase in scans for exposed RDP servers recently as attackers try to take advantage of the move to remote work.
Banner Health Settles Data Breach Lawsuit
A judge has approved the deal settling all claims related to Banner Health’s 2016 data breach, which includes stipulations for how the hospital operator must improve its information security.
No Rest For the Wicked as Ransomware Attacks Persist
Ransomware operators have begun using long-held positions inside corporate networks to deploy ransomware.
Spyware for Targeted APT Campaign Sneak into Google Play
Kaspersky researchers discuss how a targeted campaign against Android users in Southeast Asia relied on spyware apps that snuck onto official app marketplaces such as Google Play.
Shade Ransomware Decryption Keys Published
The creators of the Shade ransomware have released the decryption keys for infected systems.
US, Australia Warns About Web Shell Malware
The National Security Agency and the Australian Signals Directorate jointly issued a Cybersecurity Information Sheet with guidelines for enterprises on how to defend web servers from web shell exploits.