All Articles

2327 articles:

Critical VMware Network Monitoring Tool Flaw Under Attack

VMware confirmed that the critical command injection flaw (CVE-2023-20887) is being exploited in the wild.

VMware

APT15 Hits Foreign Affairs Ministries With Updated Malware

The China-based hacking group has targeted ministries of foreign affairs across the Americas with updated malware called Graphican.

APT

New DoJ Cyber Unit Adds ‘Horsepower’ to Cybercrime Investigations

The Department of Justice hopes that its new National Security Cyber Section will improve cybercriminal investigations with more dedicated resources, speed and organizational support.

DOJ, Cybercrime, Ransomware

Custom Malware Targets RDP to Exfiltrate Sensitive Data

The malware, which has been used in an espionage attack since 2022, includes a capability that specifically targets the client drive mapping feature within Remote Desktop Protocol.

RDP, Malware

Decipher Podcast: Matt Johansen

Matt Johansen joins Dennis Fisher to discuss his path from infosec n00b to senior security roles at White Hat, Bank of America, Reddit and his new newsletter and podcast venture Vulnerable U.

Podcast

DoJ Charges Alleged Russian LockBit Ransomware Affiliate

Ruslan Magomedovich Astamirov allegedly worked as a LockBit affiliate and launched five ransomware attacks between 2020 and 2023.

LockBit, Cybercrime

Decipher Podcast: Source Code 6/16

Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.

Source Code, Podcast

New MOVEit Transfer Zero Day Emerges

A new vulnerability (CVE-2023-35708) in MOVEit Transfer has been disclosed and Progress Software is urging customers to update immediately to prevent exploits.

MOVEit

Barracuda ESG Flaw Exploited by ‘Aggressive’ China-Linked Actor

Researchers point to an “aggressive and skilled actor” with suspected links to China as the group behind the attacks on a recently disclosed Barracuda ESG zero day.

Zero Day, Exploit

Microsoft Identifies Distinct Russian GRU Threat Actor

The threat actor behind the WhisperGate malware has been identified as a distinct Russian GRU group.

Russia, GRU

Federal Agencies Now Required to Secure Internet-Exposed Network Devices

The new directive from CISA aims to help federal agencies identify and secure their network devices that are exposed to the public internet.

CISA, BOD

CISA: LockBit Most Active Ransomware Group

The LockBit ransomware group was the most active in the world last year, according to a new advisory, and has collected nearly $100 million in ransoms in three years.

Ransomware, CISA

Cyberespionage Group Targets New VMware Zero Day

A Chinese cyberespionage group known as UNC3886 has been exploiting a new zero day (CVE-2023-20867) in VMware Tools.

VMware

Fortinet Patches New Critical FortiOS Bug

Fortinet has released new firmware updates to patch a remote code execution vulnerability (CVE-2023-27997) that affects all versions of the FortiGate appliance.

Fortinet

U.S. Nuclear Agency in ‘Early Stages’ of Addressing Security Risks

According to a watchdog report, the National Nuclear Security Administration is still in the "early stages" of fully implementing security measures across its operational technology (OT) and nuclear weapons IT environments.

Nuclear, OT, Operational Technology