SEARCH
All Articles
‘Zero Day Piled on Zero Day’
Edge devices have become the go-to targets for cybercriminals and state actors, and experts say that will continue for the foreseeable future.
To Fix IoT Security, ‘We Need to Aim at the Security Have-Nots’
The IoT security landscape is grim, but private sector and government experts are trying to improve things through advocacy and collaboration.
Krebs: ‘Business Risk and Geopolitical Risk Are Intertwined’
CISA's former and current directors talked at the RSA Conference this week about challenges around inherently insecure technology and an explosion of threat actors.
Decipher Podcast: Kelly Shortridge at RSA Conference
At RSA Conference 2024, Kelly Shortridge, senior director of portfolio product management at Fastly, talks about the first steps organizations can take toward adopting a Secure by Design mindset and how businesses can approach the challenge of sustaining resilience in complex systems.
Proposed Bill Focuses on Voluntary AI Security Incident Reporting
A newly proposed bill aims to set up databases and processes for voluntary sharing of security incidents related to, and vulnerabilities in, AI systems.
RSA Conference 2024 Preview: The Sessions to See This Year
In this special episode, Dennis Fisher and Lindsey O'Donnell-Welch are joined by Brian Donohue of Red Canary to preview the RSA conference talks they're excited about and to try to make sense of some of the session titles that are maybe a little indecipherable.
Attacker Accessed Dropbox Sign User Authentication Data in Recent Intrusion
An unknown attacker compromised a customer database for Dropbox Sign and accessed authentication information such as OAuth tokens and MFA data.
‘Uncharted Territory:’ Companies Devise AI Security Policies
Businesses have been preparing security policies for generative AI in the workplace, but many executives say that they still don’t fully understand the security implications of AI.
Verizon DBIR: Enterprises Know the Pain of Zero Day Exploits All Too Well
The Verizon 2024 Data Breach Investigations Report shows a 180 percent increase in the use of vulnerability exploits in breaches from last year, thanks to MOVEit Transfer and other bugs.
Senators Reprimand UnitedHealth CEO in Ransomware Hearing
UnitedHealth CEO Andrew Witty faced criticism over the handling of the Change Healthcare ransomware attack in two different government hearings on Wednesday.
Memory Safe: Dennis Fisher
In a special bonus Memory Safe episode, Dennis Fisher, Decipher’s editor in chief, talks about his decades of experience writing about cybersecurity news, the article he authored that inspired him to get into the industry (hint: it involved phishing) and how the cybersecurity news world has changed over the years.
Stolen Citrix Credentials Led to Change Ransomware Attack
UnitedHealth Group's CEO revealed that attackers behind the hack gained initial access by leveraging compromised credentials for a Citrix application that didn’t have multi-factor authentication enabled.
DHS Releases AI Security Guidance for Critical Infrastructure
The DHS guidelines outline how critical infrastructure entities can best be secured against the various risks associated with AI.
Cactus Ransomware Group Targets Qlik Sense Servers
Cactus ransomware actors are targeting Qlik Sense servers with exploits for three separate vulnerabilities in an ongoing campaign.
Decipher Podcast: Source Code 4/26
Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.