SEARCH
All Articles
Decipher Podcast: Andy Greenberg
Andy Greenberg of Wired magazine joins Dennis Fisher to talk about the incredible story of the NotPetya malware outbreak.
Labs Presents: RFID-Blocking Gear
Mark Loveless from Duo Labs goes on camera to show how he tested RFID-blocking gear such as sleeves, wallets, and purses. Which one gives you the most protection for your money?
Zero Trust and Digital Transformation
Digital transformation is on every CEO's mind as they worry that not adapting to the new technology-driven world will means the business will eventually fail. How does zero trust benefit digital transformation?
Senators Want Independent Security Testing of Voting Machines
Four influential senators are asking a voting machine vendor to allow security researchers to test their products.
Labs Presents: What’s Happening With RFID Blocking Gear?
With all the reports about criminals lifting information off credit cards, access cards, and even passports, does it make sense to buy one of those RFID-blocking sleeves and wallets? Duo Labs finds out in this Decipher report.
Decipher Black Hat Panel
Decipher's Black Hat panel featured editors Dennis Fisher and Fahmida Rashid, along with fellow journalists, security researchers, and marketing executives in a broad discussion of security topics.
History Suggests Attackers Will Hit Struts Flaw Quickly
The open source Struts web application framework has a target on its back. Attackers are likely developing exploits. Is it time to stop using Struts?
What Defenders Need to Know About the Latest Struts Flaw
It hasn’t even been a year since the Equifax breach was made public, and Apache has fixed yet another another critical vulnerability in the Struts web application framework. Does your incident response plan include assessing the risk exposure and deploying defenses on top of patch management?
Set of Serious Bugs Haunts Ghostscript
A Google security researcher has discovered a series of sandbox bypass vulnerabilities in the Ghostscript interpreter that threaten many Linux servers.
Microsoft Targets Fancy Bear Hacking Group
Microsoft has taken over six domains associated with a Russian-backed hacking group known to have targeted U.S. political campaigns and candidates.
How Android P Upgrades User and Device Security
Security in Android P is significantly different than in previous versions, as Google has added many new defensive measures.
NIST Act to Improve SMB Security Becomes Law
Under the newly minted law NIST Small Business Cybersecurity Act, NIST will have a year to release guidance and resources to help small businesses improve their security posture.
Clarity Needed Over New Rules on Use of Cyber Weapons
The White House has rescinded the directive that restricted how United States could respond to online attacks. Will this act as deterrence or escalate breaches and attacks into armed conflict?
What IT Needs to Know About Foreshadow
Foreshadow/L1TF refer to a group of vulnerabilities that can be exploited in modern Intel chips using speculative execution attacks to bypass security protections and harvest sensitive information.
Microsoft Fixed Multi-factor Authentication Bypass Flaw
The flaw in Microsoft's Active Directory Federation Services lets an attacker use the same second factor to bypass multi-factor authentication for any account running on the same service. Microsoft has patched the flaw.