The Iranian APT group known as Charming Kitten has been using a new tool called HYPERSCRAPE to steal the contents of Gmail, Yahoo, and Outlook 365 inboxes.
Researchers have disclosed a bug in some versions of CrowdStrike Falcon that allows an attacker with admin privileges to uninstall the security agent.
Microsoft has been tracking a recent cryptojacking campaign that abuses Windows binaries to stay hidden.
APT29, the threat actor linked to the SolarWinds hack, is abusing various Azure features in recent attacks against organizations that influence the foreign policy of NATO countries.
Welcome back to Source Code, Decipher’s news wrap podcast that includes input from our sources.
The small cybercrime actor is upping its operational tempo in 2022 against hospitality organizations like hotels and travel companies.
Peter Mackenzie, director of incident response at Sophos, and Chester Wisniewski, principal research scientist at Sophos, talk about why more ransomware attackers are clustering onto vulnerable networks - sometimes simultaneously.
Apple and Google have released fixes for iOS and macOS, and Chrome, respectively, to address bugs that have been exploited in the wild.
Attackers are eyeing known vulnerabilities in the Zimbra collaboration suite to target government and private sector organizations.
RubyGems is now requiring projects with more than 180 million downloads to use MFA, and may extend the requirement to other projects.
Microsoft observed the threat actor, which it tracks as Seaborgium, targeting over 30 organizations since 2022 started.
The FTC may consider rules to address the abuses of commercial surveillance by ad tech companies and platform providers.
The Zero Day Initiative cited a decrease in patch quality that is leading to many issued fixes being faulty or incomplete.
Welcome back to Source Code, Decipher’s weekly news wrap podcast with input from our sources.
Bug bounty programs can be invaluable, but without the proper resources in place, they will fail hard.