SEARCH
All Articles
Watchdog Report Highlights Nuclear Agency’s Security Shortcomings
The Government Accountability Office criticized the National Nuclear Security Administration's mixed risk management practices around operational technology devices and its lax oversight of subcontractor cybersecurity practices.
CISA: Critical Zoho ManageEngine Flaw Actively Exploited
The critical-severity unauthenticated remote code execution flaw is now being actively exploited, according to CISA.
Decipher Podcast: Source Code 9/23
Welcome to Source Code: Decipher's behind-the-scenes look at the weekly news with input from our sources.
The NSA is Here to Help
The NSA's new Cybersecurity Collaboration Center is the centerpiece of an effort to provide more information and context for private sector defenders.
New Metador APT Discovered Targeting ISPs, Telcos
Researchers have discovered a new APT actor called Metador that has been targeting ISPs, telcos, and universities in the Middle East and Africa.
Attackers Deploying Noberus Ransomware Update Tactics
The Noberus ransomware (also known as BlackCat and ALPHV) has received a major update, and affiliates deploying it have also evolved their tactics.
Government Makes Headway in Executing Cybersecurity Commission’s Recommendations
A new report by the CSC 2.0 pointed to both progress and "unfinished business" in the government's implementation of its recommendations for bolstering its cybersecurity strategy.
Decipher Podcast: Asheer Malhotra and Guilherme Venere
Dennis Fisher talks with Asheer Malhotra and Guilherme Venere of Cisco Talos about the group's new research on the Gamaredon APT group, which has been targeting Ukrainian organizations in a new campaign.
Siemens Fixes Numerous Flaws in Wide Range of ICS Products
Siemens has patched dozens of vulnerabilities in several of its ICS products, including Parasolid, RuggedCom ROS, and Simcenter Femap.
Decipher Podcast: Hack-a-Sat 2022
Mark Werremeyer and Bryce Kerley join Dennis Fisher to talk about this year's Hack-a-Sat capture the flag competition, how the challenges have evolved since last year, and how the competition helps players build their hacking skills.
Decipher Podcast: Source Code 9/16
Welcome back to Source Code, Decipher's weekly security news podcast.
The Challenge of Securing Critical Operational Technology Systems at the Ground Level
As the federal government contemplates how it approaches operational technology security measures, a "big opportunity" exists as infrastructure is upgraded or replaced.
CISA Warns of Critical Flaw in Honeywell SoftMaster PLC Software
A critical vulnerability in the Honeywell SoftMaster PLC controller software can allow an attacker to execute arbitrary code on vulnerable machines.
U.S. Government Hits Alleged Iranian Hackers with Indictments, Sanctions
The U.S. government indictments, sanctions and detailing of TTPs were part of a wave of actions against Iran-linked threat actors that allegedly targeted critical infrastructure organizations since 2020.
Software Supply Chain Security Takes Center Stage in Washington
The Biden administration issued new guidance on software supply chain security for federal agencies, which includes requirements for self-attestations and SBOMs.