Security news that informs and inspires

All Articles

2327 articles:

Ingredient List Only Part of the Recipe to Fix Supply Chain Security

The requirement for vendors to provide a software bill of materials for the apps they sell to federal agencies will only address part of the supply chain risk, experts say.

Government, Software Security, Solarwinds

Apple Fixes MacOS Flaw Abused in XCSSET Malware Attacks

Researchers uncovered a flaw in macOS that could allow attackers to access permissions, like screen recording, on victim devices - without their approval.

Apple, Vulnerability, Malware, Zero Day

VMware Patches Critical Flaw in vCenter

VMware has released updates for a critical flaw in several versions of its vCenter Server virtualization product that can be used for remote code execution.

Vmware

Cyber Insurance Industry Grapples With Evolving Security Risks

As demand for cyber insurance skyrockets, insurers are scrutinizing specific security risk factors more carefully when determining the cost and affordability of coverage.

Cybersecurity Insurance

DarkSide Affiliates Looking to Get Paid in Full

The shutdown of the DarkSide ransomware group has affiliates seeking resolution for unpaid ransom fees.

Ransomware

Decipher Podcast: Troy Hunt

Lindsey O'Donnell-Welch talks with Troy Hunt, founder of Have I Been Pwned, about the biggest challenges facing the security industry when it comes to credential stuffing and data breaches.

Podcast, Data Breaches

Phorpiex and the Versatility of Botnets

Decade-old botnets continue to adapt to the current threat landscape, as seen through the wide-ranging malicious activities of the resilient Phorpiex botnet.

Botnet, Phorpiex, Ransomware

Q&A: Kimberly Goody

Kimberly Goody of the FireEye cyber crime analysis team explains the ransomware-as-a-service model and the recent changes some groups have made to their operations.

Ransomware

Savvy Voice-Based Attacks Add Social Engineering Layer

Attackers are building innovative voice-based social engineering tactics into their malware and phishing campaigns.

Malware, Phishing, Social Engineering

Attackers Focused on SolarWinds Network as Early as January 2019

The APT29 attackers who targeted SolarWinds were doing reconnaissance on the company's network as early as January 2019.

Solarwinds

Decipher Podcast: Kimberly Goody

Dennis Fisher talks with Kimberly Goody from FireEye's cybercrime analysis team about the DarkSide ransomware operation, the emergence of the ransomware-as-a-service model, and what might be next for these groups.

Podcast, Ransomware

SolarWinds: A Harbinger For a National Data Breach Reporting Law

The disclosure of the SolarWinds attack by FireEye is encouraging for the development of a national data breach reporting law, government and private-sector experts say.

Rsa2021, Solarwinds, Data Breach Notification

Amid Cyber Workforce Crunch, CISOs Think Outside the Box

With the cyber workforce gap looming, security hiring managers are looking in unconventional places and tweaking their job descriptions to appeal to candidates with "soft skills."

Rsa2021, Cyber Security, Cyber Workforce, CISO

Better Living Through Resilience

The SolarWinds breach, ransomware epidemic and other threats have emphasized the urgent need for more resilient systems.

Rsa2021, Cryptography

Federal Agencies Pinpoint 5G Security Woes

A 5G threat vector analysis by several federal agencies pointed to existing legacy infrastructure deployment weaknesses and supply-chain security challenges.

5g, Network Security