SEARCH
All Articles
Microsoft Fixes Exploited Windows Bug
The vulnerability in the Windows Common Log File system could allow an authenticated attacker to execute code with elevated privileges.
New Regulation May Follow Twitter Disclosures
Whistleblower disclosures by former Twitter security executive Peiter Zatko have spurred Congress to consider new regulations of platform providers and social media companies.
Iranian Attackers Upgrade Social Engineering Tactics
Iranian threat actor TA453 has been sending spear-phishing emails that impersonate real individuals from Western foreign policy research institutions.
Apple Patches Zero Days in macOS Monterey, Big Sur
Apple has patched zero days in the kernel of macOS Monterey and Big Sur and also fixed 11 vulnerabilities with the release of iOS 16.
Expect ‘Fluidity’ From Threat Actors Ahead of the Midterm Elections
While awareness about election security has increased since 2016, threat actors launching espionage and disinformation campaigns are also leveling up, warn security experts.
Decipher Podcast: Sneakers at 30
Dennis Fisher, Zoe Lindsey, Pete Baker, and Casey Ellis convene to honor the 30th anniversary of the release of Sneakers, the greatest hacker movie ever made, and discuss its legacy, popularity in the hacker community, and why it still holds up today.
Iranian Actors Targeted SharePoint Flaw in Attack on Albania
The Iranian state-backed actors who attacked the Albanian government targeted an old SharePOint vulnerability for initial access.
U.S. Seizes $30 Million in Cryptocurrency from North Korean Hackers
Chainalysis said it worked with law enforcement to recover $30 million in stolen funds from the March Axie Infinity currency heist.
Decipher Podcast: Source Code 9/9
Welcome back to Source Code, Decipher's weekly security news podcast.
Lazarus Group Exploited Log4j Flaw to Target Energy Firms
The North Korean state-sponsored group has been targeting VMware Horizon servers vulnerable to Log4j in order to infect energy firms with malware.
White House Plans ‘Further Action’ After Iranian Cyberattack on Albania
The White House and the Albanian government blamed Iranian government-supported actors for a July attack on Albania infrastructure, and said futrher action would be forthcoming.
Iranian APT Targets Email Credentials in Espionage Attacks
APT42 is creative in its social engineering efforts and steals credentials and MFA authentication codes in order to compromise targets and conduct espionage.
Q&A: Meg Gardiner
Meg Gardiner recently joined Dennis Fisher on the Decipher podcast to talk about the hacking and security aspects of her new novel, Heat 2.
CISA, FBI Warn of Vice Society Ransomware Attacks on Schools
The U.S. government security advisory comes the same week that the Los Angeles Unified School District, the second-largest U.S. school district, said it was hit by ransomware.
A Look Inside TA505’s ServHelper Malware Control Panel
The control panels show how TA505 is “highly proactive” in updating its malware and has the ability to run multiple malware campaigns at the same time.