Security news that informs and inspires

SEARCH

All Articles

Browse by Category:
Duo Labs Industry Events Industry News passwords Product & Engineering
Browse by Tag:
Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware
2230 articles:

Microsoft Issues Emergency Fix for Critical IE Flaw

Microsoft has pushed out an emergency patch for a critical remote code execution bug in Internet Explorer that has been exploited.

Microsoft

Cloudflare Fights Bots With Tech, Trees

Cloudflare's new "bot fight mode" protects enterprises against malicious bots with tar-pit techniques and the company pledges to plant trees to offset the carbon costs.

Botnet

GitHub Beefs Up Code Scanning With Semmle

Keeping software secure isn't just the developer's job. GitHub is strengthening its ecosystem with tools for developers, researchers, and project maintainers to identify and fix software vulnerabilities.

Application Security, Open Source, Vulnerability

‘We Have to Stop Selling Fear’

CISA Director Christopher Krebs urged the security community to move past selling based on fear.

Government

Emotet Malware Reawakens

The Emotet malware has come back to life after several months of inactivity over the summer.

Malware

Tortoiseshell Targets IT Providers in Supply Chain Attack

Supply chain attacks violate the trust organizations have in their suppliers and providers. A newly discovered attack group is brazen, compromising IT providers in order to get to their final targets.

China, Attacker

Working Group Attempts Consensus on Encryption, Lawful Access

The "debate" over how law enforcement can have lawful access to encrypted messages is anything but civil. The Encryption Working Group attempted to find common ground and made some proposals, but no agreement on how messages can be viewed without undermining encryption.

Encryption, Government

LastPass Fixes Bug That Leaked User Credentials

A flaw in the LastPass browser extension for Chrome and Opera could leak the credential used on the previous site.

Privacy

Simjacker Attack Exploits Deep-Seated Weakness in Phones

The newly disclosed Simjacker attack allows a remote attacker to track a mobile device by exploiting a weakness deep within many phones.

Mobile Security

Decipher Podcast: Parker Thompson

Dennis Fisher talks with Parker Thompson of Cyber Independent Testing Lab about the group's IoT security study.

Podcast

Attack on Power Utility Highlights Need for Layered Defense

The key takeaway from the NERC report about the attack against a US electric utility isn't that companies need to be patching, but that layered defense is still the best approach for keeping systems and networks safe.

Critical Infrastructure Security

NetCAT Attack Can Leak Data From Some Intel Processors

A new attack that exploits a weakness in the DDIO feature of some Intel chips can leak sensitive data, including SSH keystrokes.

Intel, Hardware

Mozilla Testing Firefox Private Network

A new Firefox Private Network extension provides protection on public networks.

Privacy, Mozilla

Decipher Podcast: Tanya Sam

Tanya Sam of TechSquare Labs joins Dennis Fisher to discuss her path to the Atlanta startup scene and what she's learned along the way.

Podcast

Exim Bug Allows Root Privileges

A flaw in the Exim MTA software can be exploited remotely to gain root privileges.

Vulnerability