All Articles

Browse by Category:

Browse by Tag:

Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware

2235 articles:

Curl Flaw Could Allow Authentication Bypass

Several versions of curl and the curl library contain a pair of security flaws.

Vulnerability

Man Convicted in Phishing Scam That Cost U.S. DoD $23.5M

A $23.5 million phishing scheme was carried out in 2018 that impacted the U.S. Department of Defense.

Phishing

Breaking Down the CISA Budget Proposal: Critical Infrastructure, Federal Security Investments

Overall, the proposed fiscal year 2023 budget represents an 18 percent increase over the requested budget for fiscal year 2022, reflecting a "significantly increased investment" in CISA.

Cisa, Government Agencies

Decipher Podcast: Source Code 4/29

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Podcast, Source Code

New Bumblebee Malware Loader in Active Development

Researchers speculate that the emerging loader is a replacement for the BazaLoader malware.

Malware

Behind the Rapidly Shifting Ransomware Ecosystem

Many of the top ransomware groups in 2021 have disappeared, while several new groups have emerged with high levels of activity.

Ransomware

ProxyShell, Log4J Among Most Commonly Exploited Bugs in 2021

The ProxyShell, Log4J, and Zerologon bugs were among the most commonly exploited ones in 2021, according to a new advisory from the NSA and other agencies.

NSA, Proxyshell

Decipher Podcast: Don Smith

Don Smith of the Secureworks CTU joins Dennis Fisher to discuss the effects of the Conti leaks, the ransomware landscape, and how law enforcement and researchers are countering attackers' ploys.

Podcast, Ransomwa

APT Groups Exploit Known VMware RCE Flaw

Sophisticated threat groups started closing in on the VMware remote code execution flaw a week after a patch was deployed.

Vmware, Flaw

Microsoft Uncovers ‘Nimbuspwn’ Flaws in Linux Service

Microsoft researchers found a group of vulnerabilities dubbed Nimbuspwn in a Linux service named networkd-dispatcher that can lead to root privileges.

Linux, Microsoft

Emotet ‘Test’ Campaign Leverages OneDrive, XLL Files

A recent Emotet campaign with significant TTP changes reveal that attackers may be moving away from macros-based attacks given Microsoft’s recent plans to block VBA macros by default.

Emotet, Malware

Novel BlackCat Ransomware Tactic Speeds Up Encryption Process

A March 17 BlackCat ransomware incident revealed how the attackers are working to speed up the process of encryption using a new communication protocol.

Ransomware

Okta Ends Investigation Into Lapsus$ Breach

Identity provider Okta has finished the investigation into a January breach by hacking group Lapsus$ at one of its third-party providers and says it affected far fewer customers than initially feared.

Okta

Decipher Podcast: Source Code 4/22

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Source Code, Podcast

Lemon Duck Botnet Targets Exposed Docker APIs

The prolific botnet, which previously targeted vulnerable Microsoft Exchange servers, is now gaining initial access via exposed Docker APIs.

Docker, Cryptomining, Botnet