Security news that informs and inspires

SEARCH

All Articles

Browse by Category:
Duo Labs Industry Events Industry News passwords Product & Engineering
Browse by Tag:
Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware
2237 articles:

Decipher Podcast: Patrick Wardle Returns

Mac security researcher Patrick Wardle joins Dennis Fisher to talk about the evolution of Mac malware, the relative security of macOS to other platforms, and Apple's current approach to platform safety.

Podcast

FBI Uses Warrant to Remove Webshells From Compromised Exchange Servers

The FBI issued remote commands to compromised Exchange servers to remove webshells with the authority of a court order.

Government, Microsoft

IoT, Industrial Devices Impacted By Name:Wreck Vulnerabilities

Researchers found nine flaws that highlight the weaknesses of DNS protocol implementations in TCP/IP network communication stacks.

Iot Security, DNS Security, DNS

Microsoft Fixes Windows Zero Day Exploited in the Wild, Four More Exchange Flaws

Microsoft has released patches for a Windows bug that is being exploited in the wild and for four new Exchange vulnerabilities.

Microsoft, Patch Tuesday

Threat Groups Prey on Mobile With Evolving Malware, Tactics

Up to 97 percent of organizations reported facing mobile threats that used multiple attack vectors during 2020, as cybercriminals continue to adopt new tactics to target mobile devices.

Mobile, Malware, Banking Malware, Android

Biden to Nominate Former NSA Official Easterly to Head CISA

President Biden plans to nominate Jen Easterly, a former Army officer and NSA official, to head the Cybersecurity and Infrastructure Security Agency.

Government, Cisa

IcedID Trojan Finding New Ways to Slip Past Defenses

The IcedID trojan is taking up come of the slack left behind when the Emotet botnet was taken down, with new evasion and infection flows.

Malware

Iron Tiger APT Updates Toolkit in 18-Month Malware Campaign

An 18-month malware campaign on a gambling company reveals how the Iron Tiger threat group has updated its toolkit.

APT, Malware, Attacker, Remote Access Trojan, Backdoors

Decipher Podcast: Charles Shirer

Charles Shirer, a red teamer, hacker, and FreeBSD enthusiast, joins Dennis Fisher to talk about his path to working in security, learning to hack, and his motivational videos.

Podcast

Attackers Target European Industrial Firms With Cring Ransomware

Attackers exploited a previously-disclosed flaw in Fortinet VPN servers in order to hit European industrial firms with the Cring ransomware.

Ransomware, Cring Ransomware, Attacker, Vulnerability

Q&A: Idan Plotnik

Idan Plotnik of Apiiro Security discusses the value of a risk-based approach to software development and deployment.

Software Security

Apple Details Crackdown Efforts On Invasive Ad Tracking

Apple said its App Tracking Transparency rules will restrict advertisers’ abilities to track user behavior, while still giving them the option to analyze the impact of their ads.

Apple, Mobile, Mobile Apps, Privacy

Ongoing Attacks Target SAP Flaws, Unsecured Accounts

Attackers are targeting SAP enterprise applications that have not been updated to address previously-fixed flaws, researchers warn.

Vulnerability, Vulnerabilities, Patch, SAP

EtterSilent Builder Gains Momentum in Malware Campaigns

The EtterSilent builder has been used in campaigns alongside Ryuk ransomware, the Gozi banking trojan, and BazarLoader.

Trickbot, Malware

Decipher Podcast: Idan Plotnik

Idan Plotnik, CEO of Apiiro, joins Dennis Fisher to talk about taking a risk-based approach to code and securing the software development lifecycle.

Podcast