Security news that informs and inspires

All Articles

2095 articles:

Cuba Ransomware Attacks Reveal TTP Modifications

Researchers said they observed new tactics being used by the well-known ransomware group in attacks against a critical infrastructure entity in the U.S. and an IT integrator in Latin America.


Threat Actors Exploit Known Citrix ShareFile Flaw

The ShareFile flaw could allow unauthenticated attackers to remotely compromise the customer-managed ShareFile storage zone controller.


Phishing Campaign Targets Zimbra Users

A newly identified phishing campaign is targeting Zimbra Collaboration users around the world.


Ivanti Fixes Flaws in Enterprise Mobile Device Management Software

One of the more serious flaws in Ivanti's enterprise mobile device management platform could allow unauthenticated, remote attackers to execute code.

Vulnerability, Ivanti

Mandiant Releases Scanner for Citrix ADC Bug

Mandiant has released a scanner to identify appliances that have been compromised through exploitation of CVE-2023-3519.


Decipher Podcast: John Checco

At Black Hat USA last week, John Checco, resident CISO at Proofpoint, talked about the new SEC cyber rule and its impact for CISOs.

Podcast, Black Hat Usa

The Search For Secure By Design

The U.S. government wants product manufacturers to treat the security of customers as a core business requirement, but there are still challenges that need to be tackled.

Black Hat

Lapsus$ Analysis Finds Need for Better IAM, MFA Deployments

A detailed analysis of the activities of the Lapsus$ hacking group by the Cyber Safety Review Board shows that a focus on the basics and better usage of IAM and MFA technologies are highly effective defenses.

Government, Lapsus$

Decipher Podcast: Katelyn Bowden and TC Johnson

Katelyn Bowden and TC Johnson join Dennis Fisher to discuss the release of Veilid, a new protocol built by members of the Cult of the Dead Cow that is designed to bring true privacy and anonymity to users.


CISA Director: We Need a ‘Sustainable’ Approach to Cybersecurity

Jen Easterly, director of CISA, said at Black Hat this week that the U.S. can learn important lessons on cyber resilience from how Ukraine has positioned its cyber defenses over the last decade.

Black Hat

Threat Actors Target Executives in EvilProxy-Powered Phishing Attacks

Attackers sent 120,000 phishing emails to over 100 organizations worldwide between March and June.

Phishing, Phishing Kits

Google to Patch Chrome Weekly

Beginning with Chrome 117, Google will ship stable channel updates on a weekly basis.


Microsoft Fixes 73 Flaws in August Patch Tuesday

Microsoft fixed one actively exploited vulnerability in its August patch Tuesday releases, along with 72 other bugs.


Attacks Against Citrix CVE-2023-3519 Bug Escalate

Three separate campaigns are targeting the critical flaw (CVE-2023-3519) in Citris NetScaler ADC and Gateway devices.


White House Wants to Bolster School District Cybersecurity

According to the White House, in last year’s academic year at least eight K-12 school districts in the U.S. were impacted by significant cyberattacks, and four of those caused schools to cancel classes or close completely.

Education, Ransomware