Security news that informs and inspires

SEARCH

All Articles

Browse by Tag:
Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware
1889 articles:

Hive Ransomware Attacks Target FortiOS, Microsoft Exchange Flaws

The Hive ransomware has victimized 1,300 companies globally as of November, in particular targeting healthcare sector organizations, according to U.S. federal agencies in a new advisory.

Ransomware

Decipher Podcast: Source Code 11/18

Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.

Podcast

LodaRAT Malware Evolves With New Functionalities

New variants of the RAT reveal added functionalities and deployment alongside other malware families.

Malware

Code Execution Flaws Found in F5 BIG-IP Appliances

Rapid7 researchers discovered two code execution flaws in several versions of the F5 BIG-IP appliances.

F5

Emotet Malware Returns in High-Volume Email Campaign

Hundreds of thousands of email distributing Emotet reveal significant changes to the malware's tactics and payloads.

Emotet

Decipher Podcast: Dan Lorenc

Dan Lorenc, CEO and founder of Chainguard, joins Dennis Fisher to talk about supply chain security, asset inventory, Sigstore, and the challenges of helping developers write more secure code.

Podcast, Supply Chain Security

U.S. DoD Struggles With Cyber Incident Reporting Gaps

A watchdog report highlighted weaknesses in the Department of Defense's cyber incident reporting procedures, particularly for the critical defense industrial base sector.

Government Agencies

Resilience Seen as a Key to Critical Infrastructure Security

Attackers are focusing their attention on critical infrastructure operators, and building resilience into those networks is a key to defending them, experts say.

Government, Critical Infrastructure

Stealthy BatLoader Malware Seen in Dozens of Attacks

VMware researchers said the malware has appeared in at least 43 infections that have primarily targeted business services, financial services, manufacturing and education organizations.

Malware

U.S. Justice Department Charges LockBit Ransomware Suspect

A 33-year-old dual Russian and Canadian national was arrested this week for allegedly participating in LockBit ransomware attacks.

Lockbit, Ransomware

GitHub Launches Private Vulnerability Reporting

GitHub has launched a new feature that enables researchers to privately report vulnerabilities to repository maintainers.

Github

Threat Actors Abuse InterPlanetary File System Protocol to Spread Malware

Threat actors leveraged an emerging distributed file storage protocol in attacks deploying a Python-based information stealer called Hannabi Grabber.

Malware

Lenovo Patches BIOS Flaws That Lead to Secure Boot Modification

Lenovo has patched three vulnerabilities in the BIOS in many of its laptops that could allow an attacker to modify the secure boot process.

Bios

Citrix Warns of Critical Authentication Bypass Flaw in Gateway, ADC

Attackers have historically exploited vulnerabilities in Citrix Gateway and ADC in order to target organizations.

Citrix

Microsoft Fixes Six Actively Exploited Flaws

Microsoft did not give further details about the exploitation efforts against the flaws disclosed on Tuesday.

Microsoft