Security news that informs and inspires

SEARCH

All Articles

Browse by Category:
Duo Labs Industry Events Industry News passwords Product & Engineering
Browse by Tag:
Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware
2327 articles:

Enterprise Ransomware Attacks Are Getting Faster

The average ransomware attack duration - from the initial access to the deployment of the ransomware payload at scale - was under four days in 2021.

Ransomware

Attackers Continue to Target Critical WSO2 Flaw

Weeks after the disclosure of the vulnerability (CVE-2022-29464) in WSO2 products, attackers are leveraging the flaw to install Linux-compatible Cobalt Strike beacons, cryptocurrency miners and more.

Wso2, Vulnerability

Cheerscrypt Linux-Based Ransomware Targets VMware ESXi Servers

The new Linux-based ransomware is only the latest to target VMware ESXi servers.

Linux

Exploits Target Zero Day in Windows and Office

A zero day flaw (CVE-2022-30190) in Windows and Office is under active attack and MIcrosoft has not issued a patch yet.

Microsoft

Interpol Arrests Alleged Head of BEC Cybercrime Syndicate

Interpol and private-sector companies announced the arrest of the alleged leader of a well-known phishing and BEC group.

BEC

Ransomware Safe Havens, Reporting Inconsistencies Trouble Authorities

Despite the U.S. government adopting many recommendations by the Ransomware Task Force in combating ransomware, authorities still grapple with several challenges that enable the ransomware ecosystem to thrive.

Ransomware, Ransomware Task Force

Cisco Patches Serious Flaw in IOS

Cisco has patched a flaw in IOS XR that can allow an attacker to write arbitrary files to the Redis instance.

Vulnerability

Decipher Podcast: Source Code 5/20

Welcome back to Source Code, Decipher’s weekly news wrap podcast.

Source Code

DoJ Will Not Prosecute Good-Faith Hackers Under CFAA

The Department of Justice's new policy changes further narrow the scope of the Computer Fraud and Abuse Act, which has long been criticized for being too vague.

CFAA

QNAP Warns of Deadbolt Ransomware Targeting NAS Devices

QNAP is urging customers to remove NAS devices from the Internet amid a new wave of Deadbolt ransomware intrusions.

Ransomware

CISA: Federal Agencies Must Fix VMware Bugs Within Five Days

CISA is mandating federal agencies to apply updates that fix several serious VMware bugs.

Vmware, CISA

Biden’s Cyber EO Ushered in Era of ‘Renewed Focus,’ But Challenges Remain

Government officials cited progress a year after Biden's executive order, but stressed that "there's more work to do."

MFA, Zero Trust

NVIDIA Fixes Serious Flaws in GPU Driver

NVIDIA has released an update to fix a number of serious code-execution flaws in its GPU display driver that could be used to perform guest-to-host escapes.

Vulnerability

DoJ: Venezuelan Doctor Behind Thanos Ransomware Builder

A 55-year-old Venezuelan cardiologist is allegedly behind the Jigsaw v.2 ransomware and the Thanos builder.

Ransomware

Exploitation Attempts Start for Zyxel RCE Bug

A recently patched Zyxel firewall bug can allow bad actors to launch remote code execution attacks.

Rce