Security news that informs and inspires

All Articles

511 articles:

Intel, Tech Giants Release Updates to Fix New Chip Flaws

Like the earlier Meltdown and Spectre class of bugs, the new side-channel attacks ZombieLoad, RIDL, and Fallout take advantage of weaknesses in the processor's speculative execution feature to harvest secrets from system memory.

Hardware, Vulnerability

Decipher Podcast: Daniel Gruss

Dennis Fisher talks with Daniel Gruss of TU Graz about the Zombiload attack on Intel processors.

Podcast

WhatsApp Flaw Used in Targeted, Not Widespread, Attacks

A WhatsApp vulnerability has reportedly been used in highly targeted attacks to install spyware on victims' phones.

WhatsApp, Privacy

Microsoft Patches Legacy Windows to Prevent Worms

End-of-life doesn’t mean no longer a threat. Microsoft decided to release security updates for no longer supported Windows 2003 and Windows XP systems to fix a bug that could be exploited by a worm.

Microsoft, Patch, Windows

Digging Deep into the Verizon DBIR

The Verizon Data Breach Investigations Report isn’t just full of interesting data breach statistics; it also offers enterprise defenders valuable insights on the kind of real-world threats they should be worrying about.

Data Breaches

Decipher Podcast: Alex Pinto

Alex Pinto from Verizon Enterprise joins Dennis Fisher to break down the 2019 Data Breach Investigations Report.

Podcast

Deciphering Swordfish and Three Days of the Condor

Dennis Fisher, Zoe Lindsey, and Pete Baker wade into the jumbled mess of Swordfish and then emerge into the sunlight of Three Days of the Condor.

Podcast

Google Wants to Change How Cookies Are Used

Google I/O is a good place to announce a whole lot of new privacy features “coming soon." It is also a good place to bury plans to change how Google will handle HTTP cookies in Chrome.

Internet, Google Chrome, Web Developers

FTC Pushes For Federal Privacy Law

The FTC is urging Congress to pass a broad federal privacy and security law--and allow the commission to be the enforcement authority for it.

Privacy

FIN7 Attackers Still in the Water

The FIN7 attack group is still alive and well, despite arrests of some alleged members and intense attention from researchers and law enforcement.

Malware

The Dark Web is Small, Criminal Threats Are Not

While it’s intriguing that the Dark Web may be smaller than perceived, it was never the biggest threat to enterprises.

Cybercrime, Dark Web

Decipher Podcast: Michael Bailey

Michael Bailey of FireEye joins Dennis Fisher to discuss his analysis of the Carbanak backdoor source code.

Podcast

MegaCortex Ransomware Targets Corporate Networks

The new MegaCortex ransomware is using stolen domain controller credentials to gain a foothold in corporate networks before spreading.

Ransomware

Executive Order Asks a Lot Out of DHS

On paper, the executive order seems to have some good ideas on increasing the pool of talented security personnel for the federal IT workforce. Would DHS be able to deliver on these new programs?

Government

Mozilla Setting Tight Restrictions for Firefox Add-Ons

Mozilla is going to ban Firefox add-ons with obfuscated code in a major overhaul of its policy.

Firefox