The discovery of CosmicEnergy is unique because malware families targeting industrial control systems are rarely disclosed.
Welcome back to Source Code, Decipher’s weekly news wrap podcast with input from our sources.
A group known as Volt Typhoon, which is affiliated with the Chinese government, has been attacking critical infrastructure in Guam and elsewhere in the United States.
Overall, threat actors aligned with Russian, Iranian and North Korean state interests have increasingly targeted small and medium-sized businesses.
Megan Stifel, chief strategy officer for the Institute for Security and Technology and executive director of the Ransomware Task Force, talks about the multitude of efforts being made in tackling the ransomware threat landscape.
Researchers said that malicious Windows kernel drivers will continue to be used by sophisticated groups that have the skills and resources needed to develop such tools.
The Lazarus Group has been compromising vulnerable IIS servers in an ongoing campaign.
The Apple vulnerabilities (CVE-2023-32409, CVE-2023-28204 and CVE-2023-32373) exist in WebKit.
Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.
Researchers said that it "is difficult to measure" the potential long-term impact of TurkoRat infections on developer systems.
Researchers warn that a Go-based implementation of Cobalt Strike beacons, called "Geacon," is lucrative for threat actors in attacks targeting macOS.
In a new advisory, the FBI and CISA warn that the BianLian ransomware group has moved to a data theft and extortion model.
The Russian national allegedly used three well-known ransomware variants - LockBit, Babuk and Hive - to target critical infrastructure victims.
A UNC3944 attack highlights how threat actors can abuse legitimate cloud resources for various purposes after compromising the Azure administrator's account.
A Chinese state-affiliated attack group known as Camaro Dragon is targeting some TP-Link routers to install malicious firmware images.