Security news that informs and inspires

All Articles

2322 articles:

RSA Conference 2024 Preview: The Sessions to See This Year

In this special episode, Dennis Fisher and Lindsey O'Donnell-Welch are joined by Brian Donohue of Red Canary to preview the RSA conference talks they're excited about and to try to make sense of some of the session titles that are maybe a little indecipherable.

RSA, Video

Attacker Accessed Dropbox Sign User Authentication Data in Recent Intrusion

An unknown attacker compromised a customer database for Dropbox Sign and accessed authentication information such as OAuth tokens and MFA data.

Data Breach

‘Uncharted Territory:’ Companies Devise AI Security Policies

Businesses have been preparing security policies for generative AI in the workplace, but many executives say that they still don’t fully understand the security implications of AI.

AI

Verizon DBIR: Enterprises Know the Pain of Zero Day Exploits All Too Well

The Verizon 2024 Data Breach Investigations Report shows a 180 percent increase in the use of vulnerability exploits in breaches from last year, thanks to MOVEit Transfer and other bugs.

Data Breach

Senators Reprimand UnitedHealth CEO in Ransomware Hearing

UnitedHealth CEO Andrew Witty faced criticism over the handling of the Change Healthcare ransomware attack in two different government hearings on Wednesday.

Ransomware

Memory Safe: Dennis Fisher

In a special bonus Memory Safe episode, Dennis Fisher, Decipher’s editor in chief, talks about his decades of experience writing about cybersecurity news, the article he authored that inspired him to get into the industry (hint: it involved phishing) and how the cybersecurity news world has changed over the years.

Memory Safe

Stolen Citrix Credentials Led to Change Ransomware Attack

UnitedHealth Group's CEO revealed that attackers behind the hack gained initial access by leveraging compromised credentials for a Citrix application that didn’t have multi-factor authentication enabled.

Credentials

DHS Releases AI Security Guidance for Critical Infrastructure

The DHS guidelines outline how critical infrastructure entities can best be secured against the various risks associated with AI.

DHS, AI

Cactus Ransomware Group Targets Qlik Sense Servers

Cactus ransomware actors are targeting Qlik Sense servers with exploits for three separate vulnerabilities in an ongoing campaign.

Ransomware

Decipher Podcast: Source Code 4/26

Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.

Podcast, Source Code

NSA Advisory Sheds Light on Securely Deploying AI Systems

New guidelines from the NSA highlight best security practices for deploying and operating AI systems.

AI

Ransomware Task Force: We Need to Disrupt Operations at Scale

The Ransomware Task Force’s most recent report shows how the industry needs to rely on more than takedown operations in order to have more effective, long-term impacts in combating ransomware.

Video

Defusing the Threat of Compromised Credentials

Compromised credentials are at the root of many intrusions, but there are ways to reduce the threat from stolen credentials.

Identity, Credential Theft

Decipher Podcast: Lachlan McGill and Euan Moore

The Salvation Army's Lachlan McGill and Euan Moore talk about their experiences building a strong cybersecurity foundation, navigating the organization’s unique challenges and fostering a culture around security awareness.

Security Program, Podcast

Change Healthcare Says Attackers Accessed PHI and PII

The ransomware attack on Change Healthcare included the theft of PHI and PII, the company said.

Healthcare