SEARCH
All Articles
UCSF Pays Portion of $1.14M Ransom to Regain Medical School Data
The University of California San Francisco paid some of the $1.14 million ransom to regain access to data encrypted by ransomware on its School of Medicine servers.
Palo Alto Fixes Critical Authentication Bypass Flaw
Palo Alto Networks has patched a critical flaw in many of its products that support SAML-based authentication for SSO.
Bills Would Ban Federal Use of Facial Recognition
Legislation introduced in both the House and Senate would ban the use of facial recognition systems by federal entities.
New Bill Takes Direct Aim at Encrypted Devices and Services
The Lawful Access to Encrypted Data Act introduced this week would require device makers and service providers to create exceptional access to encrypted data at rest and in motion.
Decipher Podcast: Melanie Ensign on Security Communications
Melanie Ensign, CEO and founder of Discernible Communications, joins Dennis Fisher to talk about what effective security and privacy communications look like.
Evil Corp Deploys New WastedLocker Ransomware
The Evil Corp group responsible for the Dridex malware is using a new ransomware called WastedLocker that targets cloud services and backups.
Password Spraying Leads to Compromise of Cloud Identities
The Holmium threat group has been using password spraying attacks against Office 365 to gain access to corporate networks.
Enterprise, Embedded Devices at Risk From Ripple20 Bugs
Hundreds of millions of embedded and enterprise devices are vulnerable to a long list of flaws in the Treck TCP/IP stack.
Unnamed Web Host Hit With DDoS Attack
Attackers launched a massive distributed denial-of-service against a specific website hosted by a hosting provider in early June. Not only was the 1.44 terabit-per-second DDoS attack the largest Akamai has seen to date, it was also one of the most complex to resolve.
Pandemic-Related Malware Activity Falling Off
Malware and phishing campaigns preying on interest in the COVID-19 crisis have spiked but are now falling off in many places.
Intel to Add Hardware Defense Against Subtle Attacks
Intel's new Control-Flow Enforcement Technology will be built into its forthcoming Tiger Lake processors and integrated with Windows 10.
Networked Devices Will Stop Working As Root Certificates Expire
As the original root certificates begin to expire, more and more networked devices, including smart devices and internet of things, will stop working. They won't be able to connect online to services unless they are updated, and that is easier said than done.
FBI Warns of Increase in Banking Trojan Attacks
The FBI is warning of a potential spike in mobile banking app attacks resulting from a drop in the number of people visiting physical bank branches.
Critical Flaw Patched in Windows SMB
Microsoft fixed a critical remote code execution flaw in the SMBv1 protocol in many of the current Windows versions.
Flaw in Plug-and-Play Protocol Exposes Devices to Data Theft, DDoS Attacks
Billions of network-connected devices, such as printers, routers, smart TVs, and video game consoles, are open to attack via the CallStranger vulnerability in the Universal Plug and Play (UPnP) protocol.