Security news that informs and inspires

All Articles

1889 articles:

Ransomware Task Force: Data Sharing Needed to ‘Build a Clear Picture’

The ransomware task force said in their latest progress report that private sector organizations, governments and cryptocurrency entities need to work together more in swapping information about cyber incidents.

Ransomware, Ransomware Task Force

Threat Actors Add Complexity to DLL Sideloading Attacks

A recent APT campaign shows how threat actors are adding complexity to the decade-old attack.

Cyberattack, Malware

New EARN IT Act Has Old Issues

The newest version of the EARNT IT Act still has language that would force platform providers to weaken or abandon encrypted services.

Privacy, Government

NodeStealer Malware Targets Gmail, Outlook, Facebook Credentials

The new malware was found stealing saved usernames and passwords in browsers in order to compromise business Gmail, Outlook and Facebook accounts.

Meta, Facebook, Outlook, Malware

Decipher Podcast: Dawn Cappelli

Decipher talks to Dawn Cappelli, director of OT-CERT at Dragos, about the challenges of securing operational technology, particularly for organizations with limited budget and resources.

Podcast, Critical Infrastructure Security, Critical Infrastructure

Iranian Threat Groups Spread Cyberattack Fears Through Influence Operations

Iranian threat groups are launching cyberattacks - or in some cases saying they are - and then sowing fear around the hacks through online influence operations.

Iran, Apt

Apple, Google Develop Specification to Address Unwanted Bluetooth Tracking

Apple and Google have submitted a draft IETF specification to alert users when they are being tracked by Bluetooth accessories such as AirTags.

Privacy, Apple, Google

Google Enables Passkeys for Account Login

Google is enabling passkeys as a login method for all accounts as part of its effort to move users away from passwords to more secure authentication methods.

Google, Passwords

NIST Cybersecurity Framework Gets ‘Significant Update’

The cybersecurity framework is getting an overhaul as NIST aims to better incorporate supply chain risk management and governance.

Nist, Government, Governance

Network Security Needs to Evolve as Quickly as Threats

Enterprise networks have evolved rapidly in recent years, but the security industry hasn't been as agile and is not keeping up with the pace of change.

Rsa, Cloud Security

CISOs Navigate Legal Risks After Former Uber Executive’s Conviction

High-profile legal cases have set CISOs on edge about the liabilities they face while working through major security incidents at organizations.

Ciso, Ciso Concerns

Decipher Podcast: Source Code RSA Conference Edition

This week at the RSA Conference, software supply-chain security, CISO liabilities and public-private sector partnerships were some of the key topics.

Podcast, Source Code

PaperCut Flaws Exploited to Deploy Clop, LockBit Ransomware

Microsoft has attributed exploitation attempts of CVE-2023-27350 and CVE-2023-27351 to a Clop ransomware affiliate.

Ransomware, Lockbit, Clop, Microsoft

Google Disrupts Massive CryptBot Malware Operation

A new court order allows Google to take down current and future domains tied to the distribution of the CryptBot infostealer.


Software Supply Chain Security: ‘An Everybody Problem’

At the RSA Conference this week, government officials and cybersecurity executives mulled over the multiple layers of challenges in securing the software supply chain.

Software Security, Supply Chain Security, Rsa Conference