Security news that informs and inspires

All Articles

2201 articles:

Russian COLDRIVER Group Uses New Backdoor to Target Governments

The Russian APT known as COLDRIVER is using a new backdoor called SPICA in phishing campaigns against NGOs and governments.

Russia, Phishing

Citrix Discloses Actively Exploited NetScaler ADC and Gateway Flaws

Flaws in Citrix NetScaler and ADC Gateway have historically been targeted by threat actors, though researchers don't believe the impact of these two bugs to match that of CitrixBleed.

Zero Day, Citrix, Citrix Netscaler

Memory Safe: Casey Ellis

In the latest Decipher Memory Safe episode, Casey Ellis, founder and CTO of Bugcrowd, talks about everything from imposter syndrome to the security concept of “building it like it’s broken.”

Memory Safe, Video

Mint Sandstorm APT Targets Universities, Researchers

A new phishing campaign by a subset of the Iranian threat group Mint Sandstorm is targeting universities and research organizations with custom backdoors.

Iran

VMware Fixes Critical Aria Automation Bug

For patching, VMware said that "this situation qualifies as an emergency change."

Vmware

GitLab Patches Critical Account Takeover Flaw

The flaw (CVE-2023-7028) stems from the fact that user account password reset emails can be delivered to unverified email addresses.

Gitlab, Account Takeover

APT Group Targets Ivanti Flaws

An unidentified APT group is actively exploiting the two recently disclosed Ivanti Pulse Secure and Connect Secure vulnerabilities (CVE-2023-46805 and CVE-2024-21887).

Ivanti

FBot Hacking Tool Targets Cloud, Payment Platforms

A new Python-based hacking tool is leveraged by cybercriminals to target cloud and SaaS platforms, and payment services, like AWS, Office365, PayPal and Twilio.

AWS, Cloud Security

Decipher Podcast: Source Code 1/12

Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.

Source Code, Podcast

Ivanti Warns of Connect Secure, Policy Secure Zero Days

Patches will be released starting Jan. 22, but until then Ivanti urges customers to apply mitigations.

Zero Day

Decryptor Issued For Babuk Tortilla Ransomware Variant

Cisco Talos researchers also said that Dutch law enforcement has identified and apprehended the threat actor behind Babuk Tortilla operations.

Ransomware

Threat Actors Target Microsoft SQL Servers in Mimic Ransomware Attacks

Organizations based in the U.S., EU and Latin America have been targeted over the past few weeks.

Microsoft, Sql

Attackers Focus on Apache OFBiz Bug

Threat actors are targeting a critical flaw in the Apache OFBiz platform that was disclosed in late December.

Apache

Decipher Podcast: James Doggett

James Doggett, CISO of Semperis and a longtime executive in the financial and insurance industries, joins Dennis Fisher to discuss his career arc and the challenges of being a CISO in today's highly scrutinized and pressure-filled environment.

Podcast

What We Learned in 2023

2023 was one of the crazier years in recent memory for security news, and we did our best to make sense of it all. We gathered some of our friends to talk about what the biggest stories of the year were and what we learned from them.

AI, Ransomware