Security news that informs and inspires

All Articles

2230 articles:

Hospital IT Help Desks Hit With Social Engineering Attacks

The U.S. Department of Health and Human Services is warning of "sophisticated" social engineering attacks on hospital IT help desks that aim to gain access to employees' email accounts.

Healthcare

New Starry Addax Threat Actor Targets Victims With Android Malware

A newly identified threat group known as Starry Addax is targeting human rights activists and others in western Africa with novel Android malware called FlexStarling.

Malware

3 Things We Still Don’t Know About the XZ Backdoor

The XZ Utils backdoor was a very subtle operation that took several years to pull off, and while some of the technical details are known, there is plenty we still don't know. Dennis Fisher and Lindsey O'Donnell-Welch talk about the unknowns and what if anything could have been done to prevent this from happening.

Open Source Security, XZ Backdoor

Ivanti Patches New Flaws as Exploits Continue Against Older Ones

Ivanti has released patches for four new vulnerabilities in its Connect Secure and Policy Secure appliances, as Mandiant said it has seen eight separate groups exploiting some older flaws in those devices.

China, Ivanti

New Malware Emerges With IcedID Links

Researchers believe that the new malware, likely created by IcedID developers, will become increasingly used by threat actors across the landscape.

Malware

Post-Disruption, LockBit’s Reputational Damage Key

Law enforcement efforts to sow distrust and hit LockBit’s brand have had arguably the biggest impact on undermining the ransomware-as-a-service model behind the group.

Ransomware

Decipher Podcast: Rick Gordon

Rick Gordon of Tidal Cyber joins Dennis Fisher to discuss his path from the US Naval Academy to submarine officer to Wall Street and finally to the cybersecurity industry, where he's worked for the last 25 years. Dennis and Rick also talk about the importance of the community aspect of cybersecurity and why it's vital to the collective defense.

Podcast

CSRB: Microsoft Should Refocus on Security After Cloud Intrusion

The Cyber Safety Review Board cited a string of internal failures in Microsoft's security culture as contributing factors for the 2023 compromise of more than 20 customers' cloud email inboxes by a Chinese threat group.

Microsoft, China

Decipher Podcast: Dan Lorenc Returns

Dan Lorenc, co-founder and CEO of Chainguard, joins Dennis Fisher to dig into the recent XZ Utils backdoor incident, the implications for the open source ecosystem, and what can be done to avoid similar incidents in the future. Then they discuss the problems facing NIST's National Vulnerability Database and the CVE ecosystem.

Podcast

Carefully Crafted Campaign Led to XZ Utils Backdoor

The person or people that implanted malicious code into XZ Utils put time and effort into building trust in the open source software ecosystem.

Open Source

CISA Releases Cyber Incident Reporting Rule Draft

CISA has laid out the proposed details of the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA).

Cisa

Decipher Podcast: Source Code 3/29

Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.

Source Code

Red Hat, CISA Warn of XZ Utils Backdoor

The malicious code (which is being tracked as CVE-2024-3094) is embedded in XZ Utils versions 5.6.0 and 5.6.1, and may allow unauthorized access to impacted systems.

Open Source

U.S. Offers Reward For BlackCat Ransomware Group Intel

The U.S. government is looking for more information about the individuals affiliated with the BlackCat ransomware group, which was behind the Change Healthcare attack.

Ransomware

Organizations Grapple With Identity Pain Points

Cisco's 2024 Cybersecurity Readiness Index showed that 36 percent of respondents ranked identity protection as a major challenge.

Identity