SEARCH
All Articles
The Hacker Movie Awards
It's Oscars season, so to celebrate the good, the bad, and the terrible in hacker movies, Zoe Lindsey, Pete Baker, and Dennis Fisher convene to hand out some fake awards for fake hacking.
New Bill Would Bar Federal Agencies From Buying Data
The Fourth Amendment Is Not For Sale Act targets loopholes in the law that permit data brokers to sell American’s private data to government agencies without a court order.
Chinese Attackers Target Pulse Secure Flaw in Government and Enterprise Networks
A new China-aligned threat group known as UNC2630 is using a zero day in Pulse Connect Secure VPN to breach government agencies and enterprises.
Lazarus APT Cloaks Payloads With BMP Image Files
The Lazarus threat group is hiding its payloads in bitmap image (BMP) files, as seen in spear-phishing attacks targeting victims in South Korea.
Decipher Podcast: Steve Ragan
Steve Ragan, security researcher with Akamai, joins Lindsey O’Donnell-Welch to discuss the evolution of phishing kits over the past year, and how attacks on the identity and trust model will change as employees start to go back into the office.
China’s Big Data Boom Spurs a Flourishing Underground Economy
As part of a prosperous Chinese-language underground economy, cybercriminals are illegally monetizing big data by selling it to scammers, threat groups or even marketers.
More Malware Targets M1-Based Macs
A recent variant of the XCSSET malware has the capability to infect ARM M1-based Macs in addition to x86-based machines.
New Bill Would Curb the Export of Americans’ Data
The newly-proposed U.S. draft bill would introduce a license requirement for foreign companies to trade U.S. citizens’ personal information.
Popular Codecov Bash Uploader Tool Compromised
The Codecov Bash Uploader tool, used widely in ,any development environments, was compromised in January, potentially causing serious downstream problems.
Russian APT Group Actively Exploiting Flaws, U.S. Agencies Warn
The U.S. federal agency advisory on the active exploits of five flaws comes in tandem with the U.S. government formally attributing the SolarWinds supply-chain attack to Russian Foreign Intelligence Service (SVR) actors.
U.S. Sanctions Russia in Wake of Recent Cyber Attacks
The U.S. has imposed new economic sanctions against the Russian government and several IT security companies in the wake of the SolarWinds intrusion and other attacks.
Lazarus Group Adds JavaScript Sniffer to Cryptocurrency-Stealing Arsenal
The Lazarus threat group utilized a modified JavaScript sniffer to steal cryptocurrency from unsuspecting e-commerce website consumers.
Decipher Podcast: Patrick Wardle Returns
Mac security researcher Patrick Wardle joins Dennis Fisher to talk about the evolution of Mac malware, the relative security of macOS to other platforms, and Apple's current approach to platform safety.
FBI Uses Warrant to Remove Webshells From Compromised Exchange Servers
The FBI issued remote commands to compromised Exchange servers to remove webshells with the authority of a court order.
IoT, Industrial Devices Impacted By Name:Wreck Vulnerabilities
Researchers found nine flaws that highlight the weaknesses of DNS protocol implementations in TCP/IP network communication stacks.