All Articles

2239 articles:

Decipher Podcast: Source Code 1/21

Welcome to Source Code, Decipher’s weekly news podcast with input from our sources.

Podcast, Source Code

Emotet Spam Attacks Use Hexadecimal, Octal IP Addresses

The known tactic, which helps attackers sidestep detection, has been observed in spam messages that deploy Emotet.

Emotet, Malware, Spammers

Flaw in Rust Could Lead to File, Directory Deletion

A bug in many versions of the Rust programming language could allow an attacker to trick a program into deleting files and directories.

Vulnerabilities, Rust

Failed Attacks Target SolarWinds Serv-U Bug in Log4Shell Campaigns

Microsoft researchers observed attackers exploiting the Log4Shell bug in the SolarWinds Serv-U software.

Log4j

MoonBounce UEFI Malware Uncovered in Targeted Attack

Researchers believe that China-linked threat group APT41 is behind the highly targeted attack.

UEFI, Malware

Biden Memo Orders Cybersecurity Mandates For National Security Systems

A National Security Memorandum signed Wednesday by President Joe Biden addresses various cybersecurity mandates - including MFA and encryption - for national security systems.

Government Agencies, Government Security

Decipher Podcast: Robert Hansen Returns

Robert Hansen (aka RSnake) joins Dennis Fisher to talk about his new research on NaN injection in Python and the issues with the software supply chain.

Podcast

Europol Takes Down VPN Service Used by Cybercriminals

A coordinated law enforcement operation seized 15 servers of a VPN provider that was a “popular choice for cybercriminals.”

VPN, Cybercrime, Ransomware

Decipher Podcast: Source Code 1/14

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Podcast, Source Code

A Complex Threat Landscape Muddles Attribution

While increased research and information-sharing have improved the process of attribution, a complex threat landscape is also making it more difficult.

APT, Threat Assessment, Threat Detection

Russia Arrests Alleged REvil Ransomware Members at U.S. Urging

The Russian FSB has arrested 14 alleged members of the REvil ransomware group after U.S. officials urged the country to move against the group.

Ransomware, Governance

Tech Leaders, Federal Officials Seek a Way Forward for Open Source Security

White House officials and leaders from Apple, Google, GitHub, and other companies met to discuss ways to improve the security of open source projects critical to national security.

Open Source, Log4j

US Cyber Command Discloses MuddyWater Malware Samples

The U.S. government gave details on 17 MuddyWater samples and linked the threat group to the Iranian intelligence service.

APT, Iran, Malware

Attackers Deploy Multiple RATs in Phishing Campaign

The Nanocore RAT, Netwire RAT and AsyncRAT are being spread through a phishing email that contains a downloader with multiple layers of obfuscation.

Remote Access Trojan, Phishing

APT35 Executes PowerShell-Based Malware in Log4j Flaw Attacks

The Iran-linked threat actor is exploiting the infamous Log4j bug in order to execute a new PowerShell data exfiltration toolkit.

APT35, Log4j, Malware