All Articles

Browse by Category:

Browse by Tag:

Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware

2247 articles:

Newly Discovered Backdoor Used in Lancefly APT Attacks

A "powerful" backdoor has been uncovered in highly targeted, intel-gathering APT attacks.

APT, Backdoors

Decipher Podcast: Source Code 5/12

Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.

Source Code, Podcast

Ransomware Group Exploits PaperCut Flaw in Education Sector Cyberattacks

CISA warned that a ransomware group exploited vulnerable PaperCut servers in May in order to target the education facilities subsector.

Ransomware, Education

Successful Critical Infrastructure Security Regulations Use Risk-Informed Approach

In order to get critical infrastructure cybersecurity regulations right, regulators need to focus on risk reduction and performance outcomes rather than prescriptive measures, according to a panel at Hack the Capitol 6.0.

Regulation, Government, Critical Infrastructure

Ransomware Actors Adopt Leaked Babuk Code to Hit Linux Systems

Various threat groups are increasingly using Babuk’s leaked source code to build ESXi lockers, including a never-before-seen Linux version of the Play ransomware.

Linux

Greatness Phishing Service Targets Microsoft 365 Users

A new phishing service called Greatness is targeting Office 365 organizations in the U.S. and elsewhere.

Phishing

Ransomware Group Targeted Dragos in Unsuccessful Extortion Attempt

A known ransomware group was able to access limited information resources, which it then attempted to use in an unsuccessful extortion attempt against the company.

Critical Infrastructure Security, Critical Infrastructure, Operational Technology

FBI Disrupts Turla Espionage Malware Network

While Operation Medusa disrupts long standing espionage efforts by Turla, security researchers say that its effects will only be temporary.

Malware

GitHub Enables Push Protection to Prevent Secret Leaks

GitHub has released a new push protection feature to prevent developers from accidentally including secrets in commits.

Github

Intel BootGuard, Firmware Signing Keys Found in MSI Data Leak

Researchers have discovered the firmware signing keys and Intel BootGuard keys for several manufacturers in data dumped by attackers who breached Taiwanese hardware maker MSI.

Data Breach

Microsoft Fixes Windows Bug, Secure Boot Bypass Under Active Attack

Microsoft has patched two flaws (CVE-2023-29336 and CVE-2023-24932) that have been actively exploited.

Microsoft, UEFI

Decipher Podcast: Lucia Milica

Lucia Milica, global resident CISO at Proofpoint, discusses the top takeaways from the 2023 Voice of the CISO report.

Podcast, CISO, Ciso Concerns

Decipher Podcast: Source Code 5/5

Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.

Source Code, Podcast

Ransomware Task Force: Data Sharing Needed to ‘Build a Clear Picture’

The ransomware task force said in their latest progress report that private sector organizations, governments and cryptocurrency entities need to work together more in swapping information about cyber incidents.

Ransomware, Ransomware Task Force

Threat Actors Add Complexity to DLL Sideloading Attacks

A recent APT campaign shows how threat actors are adding complexity to the decade-old attack.

Cyberattack, Malware