Security news that informs and inspires

All Articles

2237 articles:

Exploit Attempts Against Fortinet VPN Bug Surge

Exploit traffic against the Fortinet VPN CVE-2022-43475 vulnerability has spiked in recent weeks.

Fortinet

VMware Fixes vRealize Log Insight RCE Bugs

Researchers have developed an exploit for a group of vulnerabilities in VMware vRealize Log Insight that can lead to remote code execution as root.

VMware

GitHub Says Attacker Stole Encrypted Code-Signing Certificates for Desktop and Atom

An attacker exfiltrated three encrypted code-signing certificates from GitHub used to sign versions of Desktop for Mac and Atom.

GitHub

ISC Patches Serious DoS Flaw in BIND

The ISC has released a fix for a serious denial-of-service vulnerability in many versions of BIND 9.

DNS

U.S. Takes Down Hive Ransomware Infrastructure

The FBI and international law enforcement agencies have taken down the Hive ransomware infrastructure.

Ransomware

Google Cracks Down on Dragonbridge Pro-China Information Operation

Google has disrupted more than 50,000 accounts linked to the Dragonbridge pro-China information operation in the last year.

China

Attacker Stole GoTo Customer Backups and Encryption Key

GoTo says an attacker stole some encrypted customer backups as well as an encryption key for some of those databases.

LastPass, Data Breach

North Korean Attackers TA444 Shift Tactics

The TA444 threat group has changed its tactics in recent weeks, moving to new delivery methods and payloads.

North Korea

FBI Says Lazarus Group Behind $100 Million Harmony Bridge Heist

The FBI says the North Korean threat actor Lazarus Group is responsible for the theft of $100 million in cryptocurrency from Harmony Horizon Bridge in June.

Cryptocurrency, FBI, North Korea

OpenText Fixes RCE Flaws in Extended ECM

OpenText has fixed two remote code execution vulnerabilities in its Extended ECM content management server.

Vulnerability

Q&A: Rick Holland

Rick Holland, CISO at Digital Shadows, talks about the role of empathy in building out an organization’s security program.

CISO Q&A

Attackers Exploiting ManageEngine CVE-2022-47966 Flaw

Active exploitation of the CVE-2022-47966 ManageEngine flaw is underway.

Vulnerability, Exploit

U.S. Arrests Alleged Operator of Bitzlato Crypto Exchange

U.S. authorities have arrested Anatoly Legkodymov, the Russian alleged operator of the Bitzlato cryptocurrency exchange, which they say was a major hub for cybercriminal activity.

Cryptocurrency, Russia

LNK Files Link Bumblebee With Qakbot, IcedID Malware

By looking at metadata in LNK files in recent campaigns, Talos researchers have linked the Bumblebee malware with the Qakbot and IcedID malware groups.

Malware

CISA Warns of Serious Flaws in CONPROSYS HMI Software

A set of serious flaws in the Contec CONPROSYS HMI software that could allow remote code execution have been addressed in an update.

ICS