Security news that informs and inspires

All Articles

2204 articles:

Chinese Threat Actor Uses Ransomware as a ‘Smokescreen’ For Espionage

Researchers say evidence points to Chinese-based Bronze Starlight using five different ransomware families as a method to disguise its actual goal of espionage.

China, Ransomware

APT Groups Still Exploiting Log4Shell in VMware Products

APT teams are still exploiting the Log4Shell flaw in VMware Horizon and Unified Access Gateway, six months after the initial disclosure.

Log4j, Cisa

Russian Actors Focus on Confluence Flaw

The majority of exploitation attempts against the recent Atlassian Confluence bug (CVE-2022-36134) are coming from Russia.

Atlassian

BEC Actors Diverge From Traditional Attacks

Business email compromise (BEC) groups are more heavily relying on attacks that impersonate third-party vendors or suppliers, as opposed to traditional attacks that mimicked executives.

Business Email Compromise

AvosLocker Ransomware Deployed in Log4Shell Attack

An AvosLocker ransomware attack exploited the Log4j bug in VMware Horizon servers.

Ransomware

Decipher Podcast: Daniel dos Santos

Daniel dos Santos, head of security research with Forescout, talks about a set of over 50 vulnerabilities discovered in operational technology (OT) devices from 10 different vendors.

Podcast, Operational Technology

New ToddyCat APT Targets Exchange Servers

An APT group dubbed ToddyCat has emerged to target Exchange servers in organizations across Asia and Europe.

APT

The Cat and Mouse Game of Crypto Money Laundering

Ransomware actors are getting better at laundering their proceeds from attacks - but law enforcement authorities are also getting better at tracking illicit cryptocurrency funds down.

Cryptocurrency, Ransomware

Decipher Podcast: Source Code 6/17

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Source Code

CISA Releases New Proposed Cloud Security Guidance

CISA is asking for public comment on a new set of cloud security guidance for federal agencies.

Government, Cloud Security

Microsoft Windows Update Fixes Known, Actively Exploited Flaw

Microsoft issued a patch for the Follina vulnerability, which was first disclosed in May and has been under active exploitation by attackers.

Microsoft

U.S., Israeli Officials Targeted in Spear-Phishing Operation

A targeted spear-phishing operation leveraged sophisticated social engineering tactics in order to collect personal information about high-ranking officials in the U.S. and Israel.

Spear Phishing

Attackers Exploit Confluence Bug to Drop Ransomware, Webshells

Exploitation of a critical, recently patched Atlassian Confluence bug continues to ramp up.

Atlassian, Rce

Prolific Ransomware Affiliate Groups Deploy BlackCat

The BlackCat RaaS continues to pose a bigger threat as two well-known ransomware affiliates have added the payload into their arsenal.

Ransomware

‘Highly Evasive’ Malware Targets Linux Systems

A new "highly-evasive" Linux malware leverages the Berkeley Packet Filter (BPF) hooking functionality to hide malicious network traffic.

Malware