All Articles

Browse by Category:

Browse by Tag:

Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware

2235 articles:

Trio of Flaws Allows Remote Takeover of Some APC UPS Devices

Three vulnerabilities in some models of APC UPS devices can allow an attacker to upload a malicious firmware image and use the devices for further network attacks.

ICS Security

Decipher Podcast: Source Code 3/4

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Source Code, Podcast

Healthcare Sector Grapples With Legacy Devices, Patching Woes

Healthcare providers, clinics and hospitals face daunting challenges in how they protect against cyberattacks. But security experts are seeing improvement.

Healthcare Security

Lansweeper Fixes Four Bugs in IT Asset Management Platform

Lamsweeper has patched three SQL injection bugs and a cross-site scripting bug in its popular IT asset management platform.

Vulnerabilities

New DDoS Attack Vector Abuses Content Filtering Systems

Attackers abused a 'broken TCP implementation' in middleboxes to launch a 'small number' of DDoS attacks against organizations in recent weeks.

Ddos

NVIDIA Confirms Theft of Employee Credentials

NVIDIA said attackers stole some employee credentials and other proprietary company information that is being leaked online.

Data Breaches

Q&A: Mike Hanley

Mike Hanley, CSO of GitHub, recently joined Dennis Fisher on the Decipher podcast to discuss the White House open source security summit in January, the Log4j response, and the challenges of helping millions of developers secure their projects.

Github

China-Linked Group Using New Daxin Backdoor

A China-linked threat actor is using a highly sophisticated backdoor called Daxin that implements its own communication protocol and has been deployed against military and critical infrastructure targets.

Malware

Decipher Podcast: Mike Hanley

Mike Hanley, CSO at GitHub and former VP of security at Duo Security, joins Dennis Fisher to talk about the open source security summit at the White House, the Log4j response, and how the tech industry can support the open source community.

Podcast, Github

Revamped Anchor Malware Targets Windows Systems

Researchers believe that attackers behind the Anchor malware, the Trickbot gang, have ceased Trickbot operations are instead focusing on deploying stealthier versions of other malware families.

Malware, Windows, Trickbot

Decipher Podcast: Source Code 2/25

Welcome back to Source Code, Decipher’s weekly news podcast with input from our sources.

Source Code, Podcast

Cuba Ransomware Exploits Microsoft Exchange Flaws

Ransomware actors have increasingly shifted their tactics to exploit flaws as part of their initial infection vector.

Ransomware, Microsoft Exchange, Proxyshell

CISA Warns of Ongoing Attacks by MuddyWater APT

U.S. agencies are warning that the Iranian-backed APT group MuddyWater is targeting organizations in many industries in North America and elsewhere.

Malware, Iran

Wiper Malware Hits Organizations in Ukraine

Researchers observed wiper malware and DDoS attacks impacting organizations in Ukraine this week.

Malware, Cyberattack

Sandworm Group Deploying New Cyclops Blink Malware

The Russian Sandworm threat actor has been deploying a new piece of malware called Cyclops Blink, warns CISA and NSA.

Malware, Russia