All Articles

Browse by Category:

Browse by Tag:

Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware

2327 articles:

TeamCity Flaw Exploited By North Korean Nation-State Actors

Microsoft warned that these attacks are “particularly high risk” for impacted organizations.

North Korea, Microsoft

State Actors Targeting WinRAR Flaw in Multiple Campaigns

APT groups from Russia and China are targeting CVE-2023-38831 in WinRAR in multiple campaigns, deploying custom and commodity malware.

Russia, China

Threat Actors Exploit Citrix Netscaler ADC and Gateway Flaw

The flaw was disclosed last week, but researchers said that exploitation started in late August.

Citrix, Citrix Netscaler

CISA Pushes Organizations to Patch Known Confluence Bug

CISA and the FBI are urging network administrators to apply patches for the Atlassian Confluence bug (CVE-2023-22515) immediately.

Vulnerability

Threat Actors Deliver DarkGate Malware via Skype, Teams Chats

The global campaign, which occurred between July and September, mostly targeted organizations in the Americas region.

Microsoft, Microsoft Teams

Decipher Podcast: Dr. Christopher Mitchell

Dr. Christopher Mitchell, the CISO for the City of Houston, joins the Decipher podcast to discuss how he inspires his team and drives collaboration related to security within his organization.

CISO

Microsoft Patches Actively Exploited Flaws in WordPad, Skype For Business

The two important-severity flaws are publicly known and are part of Microsoft’s regularly scheduled Patch Tuesday releases, which overall included more than 100 fixes.

Microsoft

HTTP/2 Rapid Reset Flaw Affects All Major Web Servers

A new flaw in HTTP/2 known as Rapid Reset has enabled threat actors to launch massive DDoS attacks and is believed to affect all modern web servers.

Ddos

MGM Resorts Details Compromised Data, Financial Hit After Cyberattack

More details about the impacts of the cyberattack hitting MGM Resorts have been disclosed.

Cyberattack

Linux Distributions Impacted By High-Severity Glibc Bug

The high-severity flaw (CVE-2023-4911), which was introduced in glibc version 2.34, exists in glibc’s dynamic loader.

Linux

Clues Point to Ongoing Campaign From Qakbot Threat Actors

Researchers have discovered clues that may indicate that the Qakbot threat actors are still active.

Qakbot

Decipher Podcast: Alessio Setaro

Alessio Setaro, CISO of Leroy Merlin Italy, joins Dennis Fisher to talk about his path to becoming a CISO, the challenges of breaking down silos in an organization, and why security is a people-first challenge.

Podcast

Serious Flaws Found in Supermicro BMC Firmware

Researchers have identified seven serious flaws in the BMC firmware on many Supermicro motherboards that can lead to complete compromise of vulnerable servers.

Hardware

Atlassian Fixes Zero Day in Confluence

Atlassian has released fixes for a zero day in its popular Confluence Server and Data Center products.

Atlassian

Researchers Track Exploitation of Critical WS_FTP Flaw

Exploitation has been observed in the wild for a critical flaw in the file transfer server from the MOVEit Transfer maker.

Exploit