Security news that informs and inspires

All Articles

2096 articles:

OpenTitan Chips Are on the Horizon

The OpenTitan project, backed by Google, is nearing the release of its first secure root-of-trust chips.

Hardware, Google

CISA Sounds Alarm on Critical Infrastructure Devices Vulnerable to Ransomware

As part of its Ransomware Vulnerability Warning Pilot program, CISA has notified more than 100 organizations that they are running internet-exposed devices with flaws that are frequently targeted by ransomware actors, including 26 alerts related to the MOVEit Transfer flaw.

Cisa, Ransomware

New Lazarus Group Malware Found in Log4j Attacks

EarlyRAT serves as another example of the Lazarus Group APT’s ability to quickly build new malware to target organizations worldwide.

Lazarus Group

Conti and Trickbot Crypters Bring Clarity to Complex Threat Landscape

Researchers say that crypters previously attributed to the Trickbot/Conti syndicate are “fundamental” to tracking cybercrime factions.

Malware, Trickbot, Conti

8Base Are Belong to Who?

A somewhat quiet ransomware group known as 8Base has increased its activity in the last month and has researchers wondering who is behind the scenes.


GAO: Federal Agencies Contend With Disparate Cybercrime Metrics

The Government Accountability Office found that various federal agencies don't have a comprehensive way to track cybercrime data, which it says is "leaving the country less prepared to combat cybercrime.”

Cybercrime, Reporting

Cybercriminals Still Want to Cash In on Cryptojacking

Recent campaigns show cybercriminals haven't given up yet on cryptojacking, despite fluctuating cryptocurrency values and the shutdown of Coinhive.

Cryptocurrency, Cryptojacking

Decipher Podcast: Source Code 6/23

Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.

Source Code, Podcast

Apple Patches Zero Days Used in Targeted iOS Attacks

Apple has released new versions of iOS to patch three zero days that have been exploited in targeted attacks.


Critical VMware Network Monitoring Tool Flaw Under Attack

VMware confirmed that the critical command injection flaw (CVE-2023-20887) is being exploited in the wild.


APT15 Hits Foreign Affairs Ministries With Updated Malware

The China-based hacking group has targeted ministries of foreign affairs across the Americas with updated malware called Graphican.


New DoJ Cyber Unit Adds ‘Horsepower’ to Cybercrime Investigations

The Department of Justice hopes that its new National Security Cyber Section will improve cybercriminal investigations with more dedicated resources, speed and organizational support.

Doj, Cybercrime, Ransomware

Custom Malware Targets RDP to Exfiltrate Sensitive Data

The malware, which has been used in an espionage attack since 2022, includes a capability that specifically targets the client drive mapping feature within Remote Desktop Protocol.

Rdp, Malware

Decipher Podcast: Matt Johansen

Matt Johansen joins Dennis Fisher to discuss his path from infosec n00b to senior security roles at White Hat, Bank of America, Reddit and his new newsletter and podcast venture Vulnerable U.


DoJ Charges Alleged Russian LockBit Ransomware Affiliate

Ruslan Magomedovich Astamirov allegedly worked as a LockBit affiliate and launched five ransomware attacks between 2020 and 2023.

Lockbit, Cybercrime