Security news that informs and inspires

All Articles

984 articles:

Malicious Code Found in Package Repositories

Attackers have increasingly targeted the software supply chain by populating package managers such as RubyGems and npm with malicious code.

Software Security, Open Source

CISA: Attackers Used Vectors Other Than SolarWinds Backdoor

CISA said the attackers behind the SolarWinds compromise used other infection vectors to access some victims' networks.

Solarwinds

Stopping SolarWinds Backdoor with a Killswitch

Some news for security operations teams investigating their networks for signs that nation-state attackers had deployed the Sunburst malware via the SolarWinds' Orion network monitoring technology: FireEye has identified a killswitch that would stop the malware from executing in infected networks.

Data Breaches, Malware

The Long Tail of the SolarWinds Breach

Completely recovering from the effects of the breach of SolarWinds could take months for some customers.

Solarwinds

Broad Cyber Espionage Campaign Follows Supply Chain Attack on SolarWinds

Attackers planted a compromised update for the SolarWinds Orion platform, leading to a cyber espionage campaign that hit many companies and government agencies.

Malware, Government

Facebook Disrupts Activity by APT32

Facebook has disrupted attacks on its platform it attributes to APT32, a group based in Vietnam.

Facebook, Apt

Decipher Podcast: Haroon Meer

Haroon Meer, founder of Thinkst, joins Dennis Fisher to talk about why a lot of security products don't work, the challenges of running a security company from South Africa, and doing well by doing good.

Podcast

Congress About to Pass Security-Heavy Defense Bill

The House of Representatives overwhelmingly passed the National Defense Authorization Act and the Senate is expected to vote on the defense appropriations bill this week.

Government

Microsoft Teams Flaw Allowed Easy Remote Code Execution

A flaw in Microsoft Teams allowed remote code execution by sending one message to a victim.

Microsoft

NSA Warns Russian Attackers Are Exploiting VMware Flaw

The NSA warned that Russian state attackers are targeting a recent VMware vulnerability, which NSA discovered and disclosed.

Vmware, Vulnerability

Decipher Podcast: Ryan Noon and Abhishek Agrawal

Ryan Noon and Abhishek Agrawal, founders of Material Security, join Dennis Fisher to talk about fixing the email security problem and approaching security challenges with diverse mindsets.

Podcast

New TrickBot Module Targets UEFI Firmware

The TrickBot trojan now includes a capability to scan for vulnerable UEFI firmware implementations and could soon exploit them.

Trickbot

The Painful Calculus of Ransomware Payments

Ransomware gangs have added data theft to their tactics, bringing another variable into the pay or don't pay equation.

Ransomware

Software Supply Chain Woes Afflict DockerHub, Too

Threat analysis firm Prevasio scanned the entire DockerHub and found that 51 percent of all container images had at least one critical vulnerability and 13 percent had at least one high-severity vulnerability. Researchers also identified 6,433 images that were malicious or potentially harmful.

Containers, Docker

New Signed Version of Old Bandook Malware Emerges

New variants of the Bandook malware that are digitally signed have been used in a recent wave of attacks on organizations in many industries.

Malware