SEARCH
All Articles
Extensive Fraud Network Found Using Malicious Chrome Extensions
A long-running ad fraud campaign that was using more than 500 malicious Google Chrome extensions has been identified and halted by researchers.
Browsers Will Block Sites Using Old Versions of TLS
Starting in March 2020, all the major web browsers—Firefox, Chrome, Safari, and Edge—will display warnings when users visit websites that only support Transport Layer Security (TLS) versions 1.0 or 1.1. Users will be unable to visit those sites.
Decipher Podcast: Riana Pfefferkorn
Riana Pfefferkorn of the Center for Internet and Society at Stanford University joins Dennis Fisher to discuss encryption, privacy, and the draft of the EARN IT Act.
FBI Says BEC Scam Losses Dwarf Ransomware
The FBI IC3 Internet Crime Report shows more than $1.7 billion in looses from BEC scams, far more than from any other kind of cybercrime activity it tracks.
Serious Bluetooth Flaw Fixed in Android Update
Google has patched a critical Bluetooth flaw in Android that could give an attacker control of a vulnerable device without any user interaction.
US Charges Chinese PLA Members in Equifax Breach
The Department of Justice indicted four members of China's People's Liberation Army in connection with the Equifax data breach in 2017.
Malware Backdoor Campaign Targets Financial Services
An attack campaign has targeted financial services using a new type of backdoor since early January, FireEye said.
Cisco Fixes CDP Flaws in Routers, Switches
Cisco has patched five serious vulnerabilities that affect routers, switches, and IP phones and cameras with the Cisco Discovery Protocol enabled.
Web Shell Attacks Continue to Cause Problems
Web shell attacks have been on the rise in recent months, as many APT groups employ them against enterprises.
Maybe FCC Will Punish Mobile Carriers That Sold Location Data
While FCC chairman Ajit Pai said at least one wireless carrier sold location data in violation of federal law, it is far from clear whether the offending entity will face any penalties.
Sudo Flaw Grants Root Privileges
A flaw in the sudo utility could allow a local user to gain root privileges if the pwfeedback option is enabled.
Make It Harder to Phish One-Time Passcodes Sent Over SMS
A proposal that would standardize the format of SMS messages being used in two-factor authentication schemes has a simple goal: make users relying on those one-time passcodes less susceptible to phishing attacks.
For Whom the Bill Tolls: Encryption
A proposed bill by Sen. Lindsey Graham to prevent online child exploitation imagery could have a disastrous effect on end-to-end encryption.
Enterprise Laptops Still Vulnerable to Memory Attacks
Attackers can exploit vulnerabilities in how laptops use memory to force the machine to execute unauthorized code while it is booting up, giving them unauthorized privileges and access to information, researchers said.
The Growing Overlap of Disinformation and Security
Disinformation campaigns and cyber operations are intersecting more and more often, as actors become more sophisticated in their use of both tactics in their operations.