Security news that informs and inspires

All Articles

2324 articles:

Decipher Podcast: Jennifer Leggio Returns

Jennifer Leggio, a longtime security industry executive who has served in many different roles, joins Dennis Fisher to talk about the shift in thinking among those in the security community, technical gatekeeping in security, her new consulting venture Moveable Feast, and finding your niche.


Europol, FBI Announce LockBit Ransomware Crackdown

The breadth of the takedown itself is multifaceted and impacts everything from LockBit’s infrastructure backbone to members’ ability to access cryptocurrency accounts linked to the ransomware group.


Decipher Podcast: LockBit Takedown

Dennis Fisher and Lindsey O'Donnell-Welch discuss the disruption of the LockBit ransomware operation by the FBI, Europol, and UK authorities, what it means for victims, and how it fits into the government's larger strategy to target cybercrime groups.


Decipher Podcast: Source Code 2/16

Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.


U.S. Government Disrupts Botnet Used by Russian GRU Hackers

The operation marks the latest effort by U.S. law enforcement to knock down malicious cyber operations.

Botnet, Fbi

APT Exploits Microsoft Zero-Day in Malware Attacks

Microsoft fixed the flaw as part of its regularly scheduled updates on Tuesday.

Microsoft, Zero Day

The Creeping Threat of Security Debt

A new study shows that more than 70 percent of organizations have applications with vulnerabilities that are more than a year old, and nearly 50 percent have critical bugs that old.

Software Security

U.S. Organizations Targeted in Bumblebee Malware Campaign

The campaign uses a slightly modified attack chain for Bumblebee and marks the return of the malware after a four-month absence from the threat landscape.


QNAP Fixes Pair of Command Injection Flaws

QNAP has patched two command injection flaws in several versions of its QTS and QuTS hero firmware.


Decipher Podcast: Mick Baccio

Mick Baccio, global security advisor at SURGe with Splunk, talks about how his perspectives on cybersecurity have changed over time - from first reading Neuromancer at age nine, to acting as the White House threat intelligence branch chief across multiple administrations.


Ivanti Discloses New Flaw in Policy Secure, Connect Secure VPN

A new vulnerability has been disclosed in certain versions of Ivanti’s Connect Secure VPN and Ivanti Policy Secure appliances.

Ivanti, Patch

Fortinet Warns of Zero Day in FortiOS

Fortinet is urging customers to patch an actively exploited flaw (CVE-2024-21762) in many versions of its FortiOS software.


Q&A: Gary McGraw

Software security pioneer and AI expert Gary McGraw talks to Dennis Fisher about the risks of black box LLMs in AI and the need for regulation.


Ransomware Payments Hit $1.1B Record in 2023

With ransomware payments hitting an all-time high in 2023, CISOs “need to concentrate on making their organizations a hard target.”


Experts Urge Tighter Focus on Critical Infrastructure Security

ICS and operational technology experts told Congress Tuesday that adversaries' focus on critical infrastructure attacks requires a better focus on the security of these networks by defenders and regulators.

ICS, Government