Researchers from Google and Citizen Lab urged Congress to use intelligence agencies, diplomatic, and economic means to pressure commercial spyware vendors such as NSO Group.
Microsoft exposed an Austria-based private-sector offensive actor that has been observed both selling the Subzero malware to third parties, but also using its own infrastructure in some attacks.
The U.S. government wants cyber incident reporting to be more consistent, but it must work through several challenges, including the stigma around the repercussions of reporting.
The revised Security Directive aims to give natural gas and oil pipeline operators more flexibility in how they implement security measures.
Kaspersky researchers have found a new UEFI rootkit called CosmicStrand that infects the firmware of some specific motherboards.
Welcome back to Source Code, Decipher’s weekly security news podcast with input from our sources.
After an external party publicly disclosed the hardcoded password on Twitter, Atlassian said the issue is "likely to be exploited in the wild."
The threat actor has been observed targeting companies with operations supporting foreign exchanges and cryptocurrency, and organizations in the Decentralized Finance (DeFi) industry.
U.S. authorities seized a half million dollars and disrupted the activities of a North Korean state-sponsored group.
The previously undisclosed macOS malware was observed as part of a targeted operation with the end goal of exfiltrating sensitive information from victims.
Intel 471 CEO Mark Arena talks about the process behind monitoring threat actors and how cybercrime is evolving.
U.S. investors have been scammed out of millions by cybercriminals impersonating legitimate cryptocurrency investment apps.
Welcome back to Source Code, Decipher’s weekly news wrap podcast with input from our sources.
The H0lyGh0st ransomware group has spent the last year targeting small and medium-sized businesses - but has not yet successfully extorted ransom payments from victims, said Microsoft researchers.
The Cyber Safety Review Board’s report on the Log4j flaw pointed to an open-source software ecosystem riddled with security challenges.