Security news that informs and inspires

All Articles

1335 articles:

Researchers Find Log4Shell Type Flaw in H2 Database Console

Researchers have found a Log4Shell-like flaw in the H2 database console, which allows remote code execution.

Log4j

CISA: Federal Agencies Taking Steps to Address Log4j Flaw

CISA said that thousands of internet-connected assets have been mitigated by federal agencies under its Emergency Directive that addressed the Log4j flaw.

Cisa, Government Agencies, Log4j

Attacks Target Log4j Bug in VMware Horizon

An unknown threat group is exploiting the Log4j vulnerability in VMware Horizon servers to install webshells for further malicious activity.

Log4j, Vmware

Meta Lawsuit Cracks Down on Facebook Phishing Scams

A new lawsuit from Meta seeks to uncover the operators behind 39,000 phishing sites that have attempted to steal Facebook, Instagram and WhatsApp users' credentials.

Facebook, Phishing

AvosLocker Ransomware Attacks Spike

The emergence of AvosLocker is part of an overarching shift in the RaaS ecosystem over the latter half of 2021.

Ransomware

Decipher Podcast: 2021 Year in Review

Lindsey O'Donnell-Welch and Dennis Fisher look back on a wild year in cybersecurity and discuss the ongoing ransomware problem, the increase in zero days used in the wild, our favorite stories and podcasts of the year, and more.

Podcast

Decipher Podcast: Sherrod DeGrippo

Proofpoint's Sherrod DeGrippo discusses the top malware trends of the past year, including Emotet's takedown and eventual return.

Podcast, Emotet, Malware

Deciphering Die Hard 2

Zoe Lindsey, Pete Baker, and Dennis Fisher sit down to talk about Die Hard 2, the forgotten member of the Die Hard series, which is not a Christmas movie. It is, however, a movie with a lot of great hacking and social engineering scenes, and Bruce Willis spewing one-liners like a 1950s standup comic.

Hacker Movies, Podcast

Decipher Library: Holiday Edition 2021

The editors of Decipher have compiled a list of book recommendations for you to enjoy during the holiday break.

Library, Books

Nation-State Attackers Targeted Airline With New Backdoor

The Iran-linked threat group targeted an Asian airline in what researchers believe is an espionage cyberattack.

Backdoors, Airlines, Cyberattack

Decipher Podcast: Source Code 12/17

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Source Code, Podcast

New Log4j Flaw Allows Remote Code Execution

The newer Log4j vulnerability (CVE-2021-45046) can allow remote code execution in some circumstances on macOS.

Log4j, Apache

CISA Issues Emergency Directive For Log4j Flaw

Federal agencies have until Dec. 23 to track down systems vulnerable to Log4j and apply patches or mitigations.

Log4j, Cisa, Patch

Lawmakers Put Pressure on Spyware Vendors

A group of 18 lawmakers are calling on the Biden administration to sanction surveillance technology firms for enabling "human rights abuses."

Spyware, Government Agencies

Log4j Attacks Spread as State Actors Target Bug

State actors from China, Iran, North Korea and other countries are targeting the Log4j (CVE-2021-44228) flaw.

Log4j, Apache