Security news that informs and inspires

SEARCH

All Articles

Browse by Category:
Duo Labs Industry Events Industry News passwords Product & Engineering
Browse by Tag:
Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware
2327 articles:

Researchers Demo Relay Attack Against Bluetooth LE Systems

NCC Group researchers have shown a novel relay attack against Bluetooth Low Energy proximity authentication systems.

Bluetooth Security

Trio of Serious Bugs Fixed in SonicWall SSL VPNs

Three serious flaws, including an authentication bypass, a shared hard-coded encryption key, and an open redirect, have been patched in the SonicWall SMA 1000 SSL VPNs.

Vulnerabilities, Sonicwall

Iran-Linked Threat Group Targeted U.S. Orgs in Financially Motivated Attacks

A local government and philanthropic company have been targeted by the known Cobalt Mirage Iran-linked threat group in recent months.

Cybercrime

Decipher Podcast: Source Code 5/13

Welcome back to Source Code, Decipher’s weekly security news podcast.

Source Code, Podcast

New Google Team to Help Critical Open Source Projects Improve Security

Google is creating a new Open Source Maintenance Crew to aid critical open source projects up their security game.

Google, Open Source Security

IceApple Post-Exploitation Framework Deployed on Exchange Servers

Researchers have discovered a sophisticated post-exploitation framework being deployed on Microsoft Exchange servers to assist threat actors with credential harvesting and local reconnaissance.

Malware, Microsoft

Cyberattacks Against MSPs Continue to Escalate

Cybersecurity authorities from numerous counties warn that cybercriminals are increasingly targeting managed service providers (MSPs).

Managed Service Providers

White House Adds Three Key Cybersecurity Officials

National Cyber Director Chris Inglis has added three officials to his team, including Kemba Eneas Walden, Rob Knake, and Neal Higgins.

Government, Ransomware

After Microsoft Macro Malware Crackdown, Attackers Explore New Options

After Microsoft started blocking macros obtained from the internet by default, email attackers are exploring alternative techniques to distribute Emotet, Qakbot, IcedID and other payloads.

Malware, Microsoft

U.S. Offers $15M in Rewards for Conti Ransomware Group Information

The U.S. government is offering monetary rewards for information about Conti's leaders, affiliates and operators.

Ransomware

Exploits Emerge for Critical F5 Flaw

Exploits for the critical F5 BIG-IP flaw (CVE-2022-1388) are now circulating online and malicious actors are scanning for it.

F5

New Law Aims to Revamp Federal Cybercrime Tracking

The Better Cybercrime Metrics Act aims to help streamline the consistent reporting of cybercrime incidents.

Government, Fbi

Decipher Podcast: Source Code 5/6

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Podcast, Source Code

New Malware Framework Distributed Via Pay-Per-Install Service

The malware framework contains a loader, dropper and a remote access trojan with its own network communication protocol.

Malware

GitHub to Require 2FA for All Users

GitHub will require 2FA for all users who contribute code on the platform by the end of 2023.

Github, 2fa