SEARCH
All Articles
‘We Have to Change the Decision Calculus’ to Stop Ransomware
Ransomware groups such as REvil have take some hits recently, but the broader landscape has continued to expand and experts say defenders need to change their thinking in order to address the problem.
CISA Warns of Serious Flaws in Many DDS Implementations
CISA is warning ICS operators of a number of vulnerabilities in some open-source and proprietary data distribution service implementations that can lead to remote code execution.
DHS Program Aims to Recruit Cybersecurity Talent
The Cybersecurity Talent Management System from the Department of Homeland Security (DHS) aims to overhaul the government's efforts in recruiting - and retaining - top cyber talent.
Decipher Podcast: Source Code 11/12
Welcome to Source Code: Decipher’s behind the scenes look at the weekly news with input from our sources.
New Mac Malware Delivered in Watering-Hole Attacks
A watering-hole attack leveraged a now-patched Apple vulnerability to infect website visitors with novel Mac malware.
Microsoft Fixes Actively Exploited Exchange Server Bug
The Exchange Server flaw is one of 55 vulnerabilities fixed in Microsoft's Patch Tuesday update.
Decipher Podcast: Amanda Gorton
Amanda Gorton, CEO and cofounder of Corellium, joins Dennis Fisher to discuss her path from studying classics to found two security startups, the challenges of building a unique platform, and the opportunity to help address IoT security.
Hacker-For-Hire Operation Targets Politicians, Journalists Worldwide
A recently uncovered hacker-for-hire group offers services for hacking email inboxes and social media accounts of journalists, politicians and more.
Flaws on Nucleus TCP/IP Stack Impact Safety-Critical Devices
Siemens has issued patches after a set of 13 vulnerabilities was discovered in the Nucleus TCP/IP stack.
Attackers Exploit ManageEngine Flaw to Steal Sensitive Data
A known, critical-severity flaw in ManageEngine ADSelfService Plus is under attack by bad actors who are leveraging it to execute a novel credential-theft tool on victims' networks.
U.S. Indicts Two Alleged REvil Operators, Seizes $6 Million in Payments
The Justice Department indicted a Russian and a Ukrainian in connection with REvil ransomware operations, including the attack on Kaseya.
U.S. Gov Offers $10M Bounty for DarkSide Ransomware Leaders
The U.S. government is upping its efforts to track down members of the DarkSide cybercrime group, which was behind the May ransomware attack on the Colonial Pipeline.
Vulnerable Microsoft Exchange Servers Hit With Babuk Ransomware
An emerging threat called Tortilla has been exploiting vulnerabilities in Microsoft (MS) Exchange servers hit with Babuk ransomware.
Decipher Podcast: Source Code 11/5
Welcome to Source Code: Decipher’s new behind the scenes look at the weekly news with input from our sources. Topping the headlines this week are two key cybersecurity-related moves by the U.S. government. These include the government blocking exports to NSO Group, Positive Technologies and other companies, and creating a catalog of known, actively exploited vulnerabilities that federal agencies must address. In other news, researchers have uncovered a threat group targeting vulnerable Microsoft Exchange servers with ransomware. A new report also shed light on various network access brokers selling credentials that they claimed belonged to logistics companies.
BlackMatter Ransomware Group Claim It’s Shutting Down
The BlackMatter ransomware group says it is closing up shop after pressure from authorities and the disappearance of some members.