Digging Into FIN7’s Latest Tools and Tactics
FIN7 is a highly active and capable cybercrime group also known as Carbanak that has been evolving and using its own tools such as
SEARCH
Dennis Fisher
Editor in ChiefDennis Fisher is an award-winning journalist who has been covering information security and privacy since 2000.
He is one of the co-founders of Threatpost and previously wrote for TechTarget and eWeek, when magazines were still a thing that existed. Dennis enjoys finding the stories behind the headlines and digging into the motivations and thinking of both defenders and attackers. His work has appeared in The Boston Globe, The Improper Bostonian, Harvard Business School’s Working Knowledge, and most of his kids’ English papers.
- dennis@decipher.sc
- @dennisf
Featured Articles
Decipher Podcast: George Barnes
Former NSA Deputy Director George Barnes joins Dennis Fisher to talk about his 35-year career at the agency, how he came to be
Heat, Kelso and the Hacker Mindset
In the 1995 classic Heat, the character Kelso is an old-school hacker with a background as a DARPA scientist who uses his
Decipher Podcast: Feross Aboukhadijeh
Feross Aboukhadijeh, founder and CEO of Socket, joins Dennis Fisher to talk about the challenges of securing open-source projects, supply chain security, and the fragility of the open-source software ecosystem.
New Initiative Seeks to Bring Collaboration to AI Security
The new AI Safety Initiative from the Cloud Security Alliance involves Amazon, Microsoft, and OpenAI in an effort to build a collaborative framework for AI security.
Apache Fixes Critical Struts Flaw
The Apache Software Foundation has released updates to address a critical file upload vulnerability (CVE-2023-50164) in Struts.
ColdFusion Exploit Used to Access Federal Agency
In two separate intrusions, attackers exploited a ColdFusion vulnerability (CVE-2023-26360) to compromise an unnamed federal government agency.
Russian Group Targeting Exchange Flaw
Fancy Bear, also known as APT28 and Forest Blizzard, has been targeting a Microsoft Exchange flaw (CVE-2023-23397) against targets in Poland.