Security news that informs and inspires

All Articles

2202 articles:

Biden to Nominate Former NSA Official Easterly to Head CISA

President Biden plans to nominate Jen Easterly, a former Army officer and NSA official, to head the Cybersecurity and Infrastructure Security Agency.

Government, Cisa

IcedID Trojan Finding New Ways to Slip Past Defenses

The IcedID trojan is taking up come of the slack left behind when the Emotet botnet was taken down, with new evasion and infection flows.

Malware

Iron Tiger APT Updates Toolkit in 18-Month Malware Campaign

An 18-month malware campaign on a gambling company reveals how the Iron Tiger threat group has updated its toolkit.

APT, Malware, Attacker, Remote Access Trojan, Backdoors

Decipher Podcast: Charles Shirer

Charles Shirer, a red teamer, hacker, and FreeBSD enthusiast, joins Dennis Fisher to talk about his path to working in security, learning to hack, and his motivational videos.

Podcast

Attackers Target European Industrial Firms With Cring Ransomware

Attackers exploited a previously-disclosed flaw in Fortinet VPN servers in order to hit European industrial firms with the Cring ransomware.

Ransomware, Cring Ransomware, Attacker, Vulnerability

Q&A: Idan Plotnik

Idan Plotnik of Apiiro Security discusses the value of a risk-based approach to software development and deployment.

Software Security

Apple Details Crackdown Efforts On Invasive Ad Tracking

Apple said its App Tracking Transparency rules will restrict advertisers’ abilities to track user behavior, while still giving them the option to analyze the impact of their ads.

Apple, Mobile, Mobile Apps, Privacy

Ongoing Attacks Target SAP Flaws, Unsecured Accounts

Attackers are targeting SAP enterprise applications that have not been updated to address previously-fixed flaws, researchers warn.

Vulnerability, Vulnerabilities, Patch, SAP

EtterSilent Builder Gains Momentum in Malware Campaigns

The EtterSilent builder has been used in campaigns alongside Ryuk ransomware, the Gozi banking trojan, and BazarLoader.

Trickbot, Malware

Decipher Podcast: Idan Plotnik

Idan Plotnik, CEO of Apiiro, joins Dennis Fisher to talk about taking a risk-based approach to code and securing the software development lifecycle.

Podcast

U.S. Senators Press Ad Exchanges on Data Privacy

Senators pressure eight digital advertising exchanges - including Twitter, Google and AT&T - to disclose who is collecting what specific user data during the real-time bidding process.

Privacy, Government, Government Agencies, Data Privacy

Kansas Water Utility Attack Underscores Security Limitations in Municipalities

An indictment this week resulting from a 2019 intrusion at a Kansas water utility highlights the budgetary and technical limitations utilities face.

ICS Security

Enterprises Are Patching Faster, Reducing Vulnerability Debt

Enterprises are patching more high-risk vulnerabilities faster now than just a year ago, new data from Kenna Security shows.

Vulnerability Management

Iranian APT Group Phosphorus Targets Medical Researchers

The Phosphorus attack group, also known as Charming Kitten, recently targeted medical researchers in a new spear phishing campaign.

APT, Iran

Video Game Malware Raises Unforeseen Remote Work Threats

A new malware campaign that targets gamers with the promise of cheat codes could have repercussions for enterprise employees working remotely on personal machines.

Malware, Phishing