Three vulnerabilities in some models of APC UPS devices can allow an attacker to upload a malicious firmware image and use the devices for further network attacks.
This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.
Healthcare providers, clinics and hospitals face daunting challenges in how they protect against cyberattacks. But security experts are seeing improvement.
Lamsweeper has patched three SQL injection bugs and a cross-site scripting bug in its popular IT asset management platform.
Attackers abused a 'broken TCP implementation' in middleboxes to launch a 'small number' of DDoS attacks against organizations in recent weeks.
NVIDIA said attackers stole some employee credentials and other proprietary company information that is being leaked online.
Mike Hanley, CSO of GitHub, recently joined Dennis Fisher on the Decipher podcast to discuss the White House open source security summit in January, the Log4j response, and the challenges of helping millions of developers secure their projects.
A China-linked threat actor is using a highly sophisticated backdoor called Daxin that implements its own communication protocol and has been deployed against military and critical infrastructure targets.
Mike Hanley, CSO at GitHub and former VP of security at Duo Security, joins Dennis Fisher to talk about the open source security summit at the White House, the Log4j response, and how the tech industry can support the open source community.
Researchers believe that attackers behind the Anchor malware, the Trickbot gang, have ceased Trickbot operations are instead focusing on deploying stealthier versions of other malware families.
Welcome back to Source Code, Decipher’s weekly news podcast with input from our sources.
Ransomware actors have increasingly shifted their tactics to exploit flaws as part of their initial infection vector.
U.S. agencies are warning that the Iranian-backed APT group MuddyWater is targeting organizations in many industries in North America and elsewhere.
Researchers observed wiper malware and DDoS attacks impacting organizations in Ukraine this week.
The Russian Sandworm threat actor has been deploying a new piece of malware called Cyclops Blink, warns CISA and NSA.