Enterprises are patching more high-risk vulnerabilities faster now than just a year ago, new data from Kenna Security shows.
The Phosphorus attack group, also known as Charming Kitten, recently targeted medical researchers in a new spear phishing campaign.
A new malware campaign that targets gamers with the promise of cheat codes could have repercussions for enterprise employees working remotely on personal machines.
Weaknesses in operational technology systems are becoming prime targets for attackers, thanks to difficulties in patching complex systems.
Decipher's new executive editor, Lindsey O'Donnell-Welch, joins Dennis Fisher to talk about getting into security journalism, the challenges of telling highly technical stories, and how it can help defenders do their jobs more efficiently.
An attacker pushed two malicious commits to the PHP source code Git server on Sunday, adding a backdoor, which was quickly removed.
SolarWinds is testing a system of parallel build servers to help prevent a future supply chain attack on its infrastructure.
Zoe Lindsey, Pete Baker, and Dennis Fisher dive deep into the dark web (or whatever Hollywood thinks it is) to decipher the jumbled plot and wild philosophy of Dark Web: Cicada 3301, which is a movie that definitely exists.
OpenSSL has patched a bug that could have allowed a certificate that was not issued by a valid CA to slip into the certificate chain.
Removing the background noise from the Internet can give security analysts the context necessary to find the attacks that matter, says GreyNoise founder Andrew Morris.
There are still nearly 30,000 Exchange servers vulnerable to the ProxyLogon bug, with ransomware attacks and public exploits circulating.
Full chain exploits are in use against a critical flaw (CVE-2021-22986) in the F5 BIG-IP system.
Extending the requirement for vulnerability disclosure policies from federal agencies to their suppliers is not a quick fix for supply chain security issues.
The attackers behind the SolarWinds breach also gained access to and downloaded some Mimecast source code repositories.
Andrew Morris, founder of GreyNoise, joins Dennis Fisher to talk about the unique origins of the company and the security case for removing all of the background noise from the Internet to find what really matters.