Security news that informs and inspires

All Articles

1587 articles:

Decipher Podcast: Source Code 4/29

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Podcast, Source Code

New Bumblebee Malware Loader in Active Development

Researchers speculate that the emerging loader is a replacement for the BazaLoader malware.

Malware

Behind the Rapidly Shifting Ransomware Ecosystem

Many of the top ransomware groups in 2021 have disappeared, while several new groups have emerged with high levels of activity.

Ransomware

ProxyShell, Log4J Among Most Commonly Exploited Bugs in 2021

The ProxyShell, Log4J, and Zerologon bugs were among the most commonly exploited ones in 2021, according to a new advisory from the NSA and other agencies.

Nsa, Proxyshell

Decipher Podcast: Don Smith

Don Smith of the Secureworks CTU joins Dennis Fisher to discuss the effects of the Conti leaks, the ransomware landscape, and how law enforcement and researchers are countering attackers' ploys.

Podcast, Ransomwa

APT Groups Exploit Known VMware RCE Flaw

Sophisticated threat groups started closing in on the VMware remote code execution flaw a week after a patch was deployed.

Vmware, Flaw

Microsoft Uncovers ‘Nimbuspwn’ Flaws in Linux Service

Microsoft researchers found a group of vulnerabilities dubbed Nimbuspwn in a Linux service named networkd-dispatcher that can lead to root privileges.

Linux, Microsoft

Emotet ‘Test’ Campaign Leverages OneDrive, XLL Files

A recent Emotet campaign with significant TTP changes reveal that attackers may be moving away from macros-based attacks given Microsoft’s recent plans to block VBA macros by default.

Emotet, Malware

Novel BlackCat Ransomware Tactic Speeds Up Encryption Process

A March 17 BlackCat ransomware incident revealed how the attackers are working to speed up the process of encryption using a new communication protocol.

Ransomware

Okta Ends Investigation Into Lapsus$ Breach

Identity provider Okta has finished the investigation into a January breach by hacking group Lapsus$ at one of its third-party providers and says it affected far fewer customers than initially feared.

Okta

Decipher Podcast: Source Code 4/22

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Source Code, Podcast

Lemon Duck Botnet Targets Exposed Docker APIs

The prolific botnet, which previously targeted vulnerable Microsoft Exchange servers, is now gaining initial access via exposed Docker APIs.

Docker, Cryptomining, Botnet

Chinese Cyber Espionage APTs Refocus Strategy

A recent report shows how a smaller set of Chinese APT actors have emerged in the past few years with 'more focused, professionalized, and sophisticated attacks.'

Apt, China

Java Crypto Bug Allows Forging of Signatures, Certificates

A critical bug in Java's implementation of ECDSA (CVE-2022-21449) can allow an attacker to forge a signature or certificate to deliver virtually any payload.

Java, Oracle

FBI Seeks Further Info on BlackCat Amid Ransomware Attacks

Since its emergence in November, the BlackCat ransomware group has racked up at least 60 victims worldwide.

Ransomware