All Articles

Browse by Category:

Browse by Tag:

Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware

2327 articles:

CISA Orders Federal Agencies to Patch Hundreds of Known Flaws

Under a new binding operational directive (BOD), CISA has developed a catalog of known, exploited vulnerabilities that federal agencies must address.

Government Agencies, CISA, Vulnerabilities, Vulnerability Management

U.S. Blocks Exports to NSO Group, Other Firms Over National Security Concerns

The Commerce Department added NSO Group, Candiru, Positive Technologies, and COSEINC to its Entity List, restricting exports of software and hardware to them.

Government, Spyware

Cybercriminals Target Transport and Logistics Industry

Cybercriminals claim they have access to various shipping and logistics company networks, causing what researchers say could be a “precarious situation” for the struggling supply chain sector.

Supply Chain, Cybercrime

Firefox 94 Adds Site Isolation to Mitigate Side-Channel Attacks

Mozilla has added site isolation to Firefox 94 to defend against side-channel attacks such as Spectre and Meltdown.

Firefox

Google Fixes Two Chrome Zero-Day Flaws

The two zero-day flaws were part of eight vulnerabilities patched this week in Google Chrome.

Google Chrome, Chrome Security, Zero Day

International Task Force Disrupts European Ransomware Operation

A task force of European and U.S. agencies arrested 12 suspects in Switzerland and Ukraine as part of an action against a ransomware operation.

Ransomware

Apple Fixes Slew of Bugs in iOS, macOS

Apple has fixed more than 20 vulnerabilities in iOS 15.1 and macOS Monterey 12.01.

Apple

FTC Beefs Up Security Mandates For Financial Sector

The FTC has made changes to the Safeguards Rule aimed at securing consumer data in the financial industry.

FTC, Financial Services, Finance Security

Lazarus APT Uses Updated Malware in Potential Supply Chain Attacks

The Lazarus group has been recently observed “building supply-chain attack capabilities” by targeting a legitimate South Korean security software and an IT asset monitoring solution vendor.

Supply Chain, Lazarus, APT

Emerging Loader Delivered Via Hijacked Email Threads

Researchers shed light on a malware loader that's been spotted consistently being spread via email spam messages over the past month.

Email, Malware, Spammers

Nation-State Attackers Sharpen Focus on Governments, NGOs

New data from Microsoft shows that Nobelium, Thallium, and other nation-state attack groups are increasingly focusing on government agencies and NGOs.

Microsoft, Malware

Microsoft Warns of Ongoing Nobelium Supply Chain Attacks

Microsoft said that the threat group has used phishing and password-spraying attacks to compromise at least 14 IT service providers this year.

Solarwinds, Supply Chain, Microsoft

Decipher Podcast: Courtney Nash

Courtney Nash of Verica joins Dennis Fisher to talk about the new Verica Open Incident Database, which centralizes reports of software outages, security incidents, and near misses, and why studying the way systems fail is so valuable.

Podcast

Researcher Discovers Private Keys to Decrypt Rogue Cobalt Strike Beacon Communications

Didier Stevens has discovered several shared keypairs used by rogue Cobalt Strike implementations used by malicious actors.

Ransomware

TodayZoo Phishing Kit Used to Swipe Microsoft Credentials

Microsoft researchers said TodayZoo, used for a massive campaign aimed at stealing victims’ credentials, was pieced together from an old phishing kit template.

Phishing, Phishing Kits, Phishing Scams