Security news that informs and inspires

All Articles

2322 articles:

JetBrains Fixes TeamCity Authentication Bypass Flaws

The flaws, which exist in all TeamCity on-premises versions through 2023.11.3, have been fixed in version 2023.11.4.

Vulnerability

DoJ Charges Iranian After Campaigns Targeting U.S. Defense Contractors

An Iranian national has been charged over a cyberattack that attempted to compromise both private sector companies and U.S. government entities, including the Treasury Department and State Department.

Justice Department

Decipher Podcast: Source Code 3/1

Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.

Source Code

New Malware Sets Stage For Persistence in Ivanti Exploits

Attackers exploiting Ivanti flaws attempted to achieve a deep level of persistence, showing how threat actors are going the extra mile to maintain a foothold on infected systems.

Ivanti

CISA, FBI Warn of Continued BlackCat Ransomware Activity

The BlackCat ransomware group is continuing to target health care organizations and hospitals two months after the FBI disrupted some of the group's operations.

Ransomware

White House Aims to Curb Data Broker Sales to Foreign Countries

A new executive order aims to protect Americans’ sensitive data - like personal, financial, geolocation and biometric data - from being accessed by China, Russia, Iran, North Korea, Cuba and Venezuela.

White House

FBI Warns of APT28 Attacks on Ubiquiti Routers

The FBI and partners have released an advisory highlighting TTPs and IoCs for APT28 threat actors in attacks against Ubiquiti EdgeRouters.

FBI

Decipher Podcast: Alex Delamotte

Alex Delamotte, threat researcher at SentinelLabs, talks about the importance of actionable threat intelligence, how threat actors are leveraging cloud services, and the upcoming Net Gala, a hacker and tech-themed art exhibition.

Podcast

CISA Details Cloud-Focused Attack Techniques Used by APT29

CISA and some of its foreign partner agencies are warning that APT29 is using a variety of techniques to target cloud services and accounts.

Cloud, Russia

Nation-State Threat Actors Hit Change Healthcare

Change Healthcare on Monday continued to work through disruptions to its systems after an attack by nation-state threat actors.

Cyberattack

Challenges Remain in Evaluating Ransomware Crackdowns

While law enforcement disruptions certainly have a positive impact, there are deep-rooted difficulties in measuring substantial long-term changes.

Ransomware

Decipher Podcast: Source Code 2/23

Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.

Source Code

Critical ScreenConnect Flaw Under Active Exploitation

The ConnectWise ScreenConnect authentication vulnerability disclosed this week is now under active exploitation, and proof-of-concept exploit code is available.

Attacks

Decipher Podcast: Jennifer Leggio Returns

Jennifer Leggio, a longtime security industry executive who has served in many different roles, joins Dennis Fisher to talk about the shift in thinking among those in the security community, technical gatekeeping in security, her new consulting venture Moveable Feast, and finding your niche.

Podcast

Europol, FBI Announce LockBit Ransomware Crackdown

The breadth of the takedown itself is multifaceted and impacts everything from LockBit’s infrastructure backbone to members’ ability to access cryptocurrency accounts linked to the ransomware group.

Ransomware