SEARCH
All Articles
Google Patches Two More Chrome Zero Days Used by Attackers
Google has fixed two vulnerabilities in Chrome that have been targeted by attackers in recent days.
Deciphering Johnny Mnemonic
Zoe Lindsey, Pete Baker, and Dennis Fisher break down the delightfully goofy and moderately incoherent 1995 film Johnny Mnemonic.
Trickbot Back on the Block
The Trickbot malware operation is back, with a fresh spam campaign delivering malicious Word documents.
Security Incidents Affect Victims Differently, Even the Mega-Breaches
Cyentia Institute analyzed some of the costliest, most damaging security incidents and found that they impacted organizations differently.
Privacy Labels for iOS and Mac Apps Are Coming
Starting Dec. 8, all iOS and Mac apps will be required to print "privacy labels" telling users upfront how the apps use their information, just as food manufacturers are required to print nutritional labels on food to provide nutrition information such as calories and ingredients.
Apple Fixes Three Flaws Exploited in the Wild
Apple has patched three bugs in iOS and macOS that have been exploited by attackers.
The Senators Who Will Set the Security and Privacy Agenda in Congress
Whether it's election security, nation-state attacks, or massive data breaches, there is growing pressure on Congress to do something. One way to suss out how the security and privacy agenda will unfold in the 117th Congress is to look at what these Senators have said and done previously.
Oracle Releases Emergency Patch for WebLogic Flaw
Oracle has pushed an emergency patch for CVE-2020-14750, a remotely exploitable flaw in its WebLogic application server.
Privacy Prevails at the Ballot Box
For many voters, Election Day in the United States was more than just about voting for government officials such as the president, lawmakers, judges, and sheriffs. They were also asked to weigh in on referendums, new state laws, and amendments to the state constitution.
Google Discloses Unpatched Windows Flaw Used in Attacks
A windows kernel bug (CVE-2020-17087) is being used in active targeted attacks alongside a recently fixed Chrome bug.
Decipher Podcast: Jeremy Kennelly
Jeremy Kennelly of Mandiant joins Dennis Fisher to discuss the spike in ransomware infections in health care organizations and how ransomware operators are evolving their tactics.
UK Regulator Tells Experian to Change Data Processing Practices
The United Kingdom’s Information Commissioner’s Office issued an enforcement notice against Experian last week, ordering the company to make “fundamental changes” to how it handles consumer data.
CISA, Microsoft Warn of Continued Attacks on Zerologon Bug
The Zerologon (CVE-2020-1472) vulnerability is continuing to draw attention from attackers and Microsoft is urging enterprises to patch immediately.
If Catching All Attackers Is the Goal, A New Path is Needed
Stairwell, a new startup founded by Google and Chronicle veteran Mike Wiacek, aims to help more organizations stop high-level attackers.
KashmirBlack Botnet Targets Unpatched CMS Software
The KashmirBlack botnet exploits multiple flaws in popular content management systems (CMS) is behind millions of attacks per day, including mining for cryptocurrency, redirecting website traffic to spam sites, and defacing websites, Imperva said.