SEARCH
All Articles
Tortoiseshell Targets IT Providers in Supply Chain Attack
Supply chain attacks violate the trust organizations have in their suppliers and providers. A newly discovered attack group is brazen, compromising IT providers in order to get to their final targets.
Working Group Attempts Consensus on Encryption, Lawful Access
The "debate" over how law enforcement can have lawful access to encrypted messages is anything but civil. The Encryption Working Group attempted to find common ground and made some proposals, but no agreement on how messages can be viewed without undermining encryption.
LastPass Fixes Bug That Leaked User Credentials
A flaw in the LastPass browser extension for Chrome and Opera could leak the credential used on the previous site.
Simjacker Attack Exploits Deep-Seated Weakness in Phones
The newly disclosed Simjacker attack allows a remote attacker to track a mobile device by exploiting a weakness deep within many phones.
Decipher Podcast: Parker Thompson
Dennis Fisher talks with Parker Thompson of Cyber Independent Testing Lab about the group's IoT security study.
NetCAT Attack Can Leak Data From Some Intel Processors
A new attack that exploits a weakness in the DDIO feature of some Intel chips can leak sensitive data, including SSH keystrokes.
Attack on Power Utility Highlights Need for Layered Defense
The key takeaway from the NERC report about the attack against a US electric utility isn't that companies need to be patching, but that layered defense is still the best approach for keeping systems and networks safe.
Mozilla Testing Firefox Private Network
A new Firefox Private Network extension provides protection on public networks.
Exim Bug Allows Root Privileges
A flaw in the Exim MTA software can be exploited remotely to gain root privileges.
Decipher Podcast: Tanya Sam
Tanya Sam of TechSquare Labs joins Dennis Fisher to discuss her path to the Atlanta startup scene and what she's learned along the way.
Money for Nothing: Ransomware Plagues Local Governments
Ransomware infections have crippled local governments in several states recently, a trend that shows no signs of abating.
Firefox Now Blocks Third-Party Cookies by Default
Mozilla has added Enhanced Tracking Protection to Firefox to block tracking cookies in the browser by default.
Modified Orcus and Revenge RATs Infesting Networks
Researchers have found modified versions of the Orcus and Revenge RATs being delivered through effective phishing campaigns.
Long-Running Attack Campaign Targeted iPhones
Researchers from Google Project Zero uncovered a multiyear campaign that targeted iPhones with sophisticated exploit chains delivered through hacked websites.
Disinformation Attacks Aren’t Just Against Elections
While disinformation is getting a lot of attention in security circles, the discussion primarily tends to be in the context of election security. However, hacking social media accounts, or creating fake accounts, to post false messages about a company is absolutely a disinformation campaign.