‘Zero Day Piled on Zero Day’
Edge devices have become the go-to targets for cybercriminals and state actors, and experts say that will continue for the
SEARCH
Dennis Fisher
Editor in ChiefDennis Fisher is an award-winning journalist who has been covering information security and privacy since 2000.
He is one of the co-founders of Threatpost and previously wrote for TechTarget and eWeek, when magazines were still a thing that existed. Dennis enjoys finding the stories behind the headlines and digging into the motivations and thinking of both defenders and attackers. His work has appeared in The Boston Globe, The Improper Bostonian, Harvard Business School’s Working Knowledge, and most of his kids’ English papers.
- dennis@decipher.sc
- @dennisf
Featured Articles
Verizon DBIR: Enterprises Know the Pain of Zero Day Exploits All Too Well
The Verizon 2024 Data Breach Investigations Report shows a 180 percent increase in the use of vulnerability exploits in breaches
Cactus Ransomware Group Targets Qlik Sense Servers
Cactus ransomware actors are targeting Qlik Sense servers with exploits for three separate vulnerabilities in an ongoing campaign.
LNK Files Link Bumblebee With Qakbot, IcedID Malware
By looking at metadata in LNK files in recent campaigns, Talos researchers have linked the Bumblebee malware with the Qakbot and IcedID malware groups.
CISA Warns of Serious Flaws in CONPROSYS HMI Software
A set of serious flaws in the Contec CONPROSYS HMI software that could allow remote code execution have been addressed in an update.
Bill Would Provide Funding for Security Research on Energy Infrastructure
A new bill would provide funding for security research at the university level into threats to the energy sector.
Attacks Target Control Web Panel Flaw
Exploit attempts are ramping up against a flaw in Control Web Panel that allows unauthenticated remote code execution.
Decipher Podcast: Chris Eng on the State of Software Security
Chris Eng, chief research officer at Veracode, joins Dennis Fisher to discuss the company's new State of Software Security report, whether we're getting better at fixing bugs, and the fragility of open source projects an the software supply chain.