All Articles

Browse by Category:

Browse by Tag:

Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware

2094 articles:

VMware Fixes Critical-Severity vCenter Server Bug

VMware has released patches for a critical-severity vulnerability that could enable remote code execution attacks.

Vmware

Winter Vivern APT Targets Zero Day in Roundcube

The Winter Vivern APT group has been targeting a zero day XSS vulnerability in the Roundcube webmail server in recent weeks.

Apt, Vulnerability

Decipher Podcast: Matt Donahue and Nick Selby

Dennis Fisher talks with Mat Donahue, a former FBI counterterrorism specialist and founder and CEO of Kodex, and Nick Selby, a technologist and law enforcement officer, about the challenges organizations face when responding to data requests from law enforcement agencies and how CISOs and legal teams can address them.

Podcast

Cisco Releases Update for IOS XE Flaws

Cisco has released an update for two zero days in IOS XE that attackers have been exploiting in the wild.

Patch, Cisco

Okta: Stolen Credential Led to Support System Breach

Okta customer BeyondTrust said that it first detected the attack and notified Okta on Oct. 2, though Okta did not confirm an internal breach until Oct. 19.

Okta

U.S., European Authorities Disrupt Ragnar Locker Ransomware Operation

Law enforcement agencies from Europe and the U.S. seized the infrastructure and arrested alleged members of the Ragnar Locker ransomware gang this week.

Ransomware

More Companies Adopt Board-Level Cybersecurity Committees

The hope is that these types of committees will tighten collaboration between boards and CISOs and lead to more support and resources for organizations’ cybersecurity strategies.

Ciso

TeamCity Flaw Exploited By North Korean Nation-State Actors

Microsoft warned that these attacks are “particularly high risk” for impacted organizations.

North Korea, Microsoft

State Actors Targeting WinRAR Flaw in Multiple Campaigns

APT groups from Russia and China are targeting CVE-2023-38831 in WinRAR in multiple campaigns, deploying custom and commodity malware.

Russia, China

Threat Actors Exploit Citrix Netscaler ADC and Gateway Flaw

The flaw was disclosed last week, but researchers said that exploitation started in late August.

Citrix, Citrix Netscaler

CISA Pushes Organizations to Patch Known Confluence Bug

CISA and the FBI are urging network administrators to apply patches for the Atlassian Confluence bug (CVE-2023-22515) immediately.

Vulnerability

Threat Actors Deliver DarkGate Malware via Skype, Teams Chats

The global campaign, which occurred between July and September, mostly targeted organizations in the Americas region.

Microsoft, Microsoft Teams

Decipher Podcast: Dr. Christopher Mitchell

Dr. Christopher Mitchell, the CISO for the City of Houston, joins the Decipher podcast to discuss how he inspires his team and drives collaboration related to security within his organization.

Ciso

Microsoft Patches Actively Exploited Flaws in WordPad, Skype For Business

The two important-severity flaws are publicly known and are part of Microsoft’s regularly scheduled Patch Tuesday releases, which overall included more than 100 fixes.

Microsoft

HTTP/2 Rapid Reset Flaw Affects All Major Web Servers

A new flaw in HTTP/2 known as Rapid Reset has enabled threat actors to launch massive DDoS attacks and is believed to affect all modern web servers.

Ddos