Security news that informs and inspires

All Articles

2327 articles:

Google Disrupts Massive Glupteba Botnet

Google has taken down servers associated with the huge Glupteba botnet and also sued two alleged operators of the network.

Google, Botnet

Microsoft Seizes Sites From Chinese APT Group

Microsoft has disrupted "a key piece of infrastructure" used by the China-based threat group known as Nickel or APT15.

Microsoft, Cybercrime

New Guidance Pushes Federal Agencies Toward Automated Incident Reporting

New guidance from the White House requires CISA to develop policies for federal agencies to move toward automated security incident reporting.

CISA, Government

Cloud Service Provider Compromises Use CeeLoader Malware

Researchers have linked a malware loader, called CeeLoader, to the threat group behind the SolarWinds supply-chain attack.

SolarWinds, Malware

Decipher Podcast: Source Code 12/3

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Podcast, Source Code

APT Groups Exploiting Critical Flaw in ManageEngine ServiceDesk Plus

CISA and the FBI are warning that APT groups are exploiting a critical flaw (CVE-2021-44077) in the ManageEngine ServiceDesk Plus tool.

CISA

TSA Issues Security Rules For Rail Operators

Several new Security Directives, released by the TSA, aim to improve the security postures of rail and aviation entities.

Government Agencies, Government Security, Transportation

Malicious Chrome Extension, Backdoor Uncovered in Malware Campaign

A threat actor has been deploying web browser credential stealers, an undocumented backdoor and a new malicious Google Chrome extension in an ongoing campaign.

Malware, Chrome Extensions, Google Chrome, Backdoors

Mozilla Fixes Critical Flaw in NSS Crypto Library

Mozilla has fixed a critical buffer overflow in its NSS cryptographic library that had been lurking in the code for several years.

Mozilla

APTs Leverage New RTF Phishing Tactic

Three APTs have been observed using RTF template injection, and researchers warn more threat groups may adopt the new tactic.

Phishing, Malware, Email

SIM Hijacking Attack Lands Hacking Group Member in Jail

The sentencing comes as the FCC grapples with how it can better safeguard consumers against SIM hijacking attempts.

Hacking, Government, Mobile Security

TA505 Seen Using P2P RAT in New Operations

The TA505 threat group known for using the Clop ransomware and Dridex trojan is now using a new P2P RAT.

Malware

VirusTotal Adds Collections Feature for Better Collaboration and Context

VirusTotal has added a Collections feature to enable better real-time sharing of IOCs and context around malicious files and URLs.

Malware

Ransomware Group Continually Rebrands to Slip Under Radar

Researchers warn that a ransomware group's constant rebranding and its small size have allowed it to fly under the radar.

Ransomware, Malware, Critical Infrastructure

Q&A: Casey Ellis

Casey Ellis, founder, chairman and CTO of Bugcrowd, discusses the future of vulnerability disclosure programs.

Q&A, Vulnerability Disclosure