SEARCH
All Articles
Google: Zero-Day Attacks Surged in 2023
Google reported that 97 flaws were exploited in the wild in 2023, up 50 percent from the number of zero-day attacks recorded in 2022.
Decipher Podcast: Jack Cable
Jack Cable, senior technical advisor at the Cybersecurity and Infrastructure Security Agency (CISA), talks about his past experiences with bug bounty programs, CISA’s Secure By Design initiative and its efforts to help secure the open-source software ecosystem.
Critical Fortinet Flaw Now Actively Exploited
Fortinet earlier this month disclosed and issued a patch for the flaw (CVE-2023-48788), which exists in FortiClientEMS, its central management solution for endpoints.
APT29 Phishing Attack Targets German Political Parties
Researchers observed APT29 using phishing emails in order to target German political parties with a new backdoor variant in late February.
U.S. Sanctions, Indicts Alleged Members of Chinese APT31
The U.S. has announced sanctions against a Chinese state-backed company and two individuals, as well as indictments against seven people alleged to part of China's APT31 threat group.
Q&A: Karen Habercoss
Karen Habercoss, chief privacy officer with UChicago Medicine, talks to Decipher about the unique data privacy and security challenges that the healthcare sector faces, and how organizations in this industry are approaching areas like AI and identity management.
Ransomware, Backdoors Deployed in JetBrains Flaw Attacks
Researchers released further details about exploitation campaigns targeting the critical-severity JetBrains flaw.
Threat Actor Exploits F5, ConnectWise Flaws to Target U.S. Orgs
A threat actor has been observed exploiting various previously disclosed flaws to gain access to various U.S. governments and research organizations.
TinyTurla-NG Backdoor Has Big Capabilities
New research shows the TinyTurla-NG backdoor uses the Chisel open-source attack framework for some communications and has a variety of post-compromise capabilities.
Ivanti Patches Critical RCE Standalone Sentry Flaw
At the time of disclosure, Ivanti said it is not currently aware of the flaw being exploited.
U.S. Government Doubles Down on Chinese APT Warnings
“The PRC’s inside the house,” said Andrew Scott, associate director for China operations with the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
New AcidPour Wiper Malware Found in Ukraine
SentinelLabs researchers have discovered a new wiper malware called AcidPour in Ukraine, which appears to be a new version of the AcidRain malware.
Decipher Podcast: Brian Donohue on the 2024 Threat Detection Report
Brian Donohue of Red Canary joins Dennis Fisher to talk about some of the surprising findings from the company's new 2024 Threat Detection Report, including why identity based attacks continue to work so well and how attackers are approaching the shift to the cloud.
DHS Charts Out AI Security Strategy
The Department of Homeland Security said cybersecurity is a significant challenge for AI and it plans to work to identify the security risks that are associated with these technologies.
Decipher Podcast: Source Code 3/15
Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.