All Articles

Browse by Category:

Browse by Tag:

Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware

2349 articles:

Decipher Podcast: Feross Aboukhadijeh

Feross Aboukhadijeh, founder and CEO of Socket, joins Dennis Fisher to talk about the challenges of securing open-source projects, supply chain security, and the fragility of the open-source software ecosystem.

Podcast

U.S., Australian Government Agencies Warn of Play Ransomware Attacks

A new advisory from U.S. and Australian government agencies warns that the Play ransomware group has successfully infected at least 300 organizations since its emergence in June 2022, including critical infrastructure entities.

Ransomware

Microsoft Cracks Down on Fraudulent Outlook Account Sales

Microsoft has obtained a court order from the Southern District of New York allowing the company to seize U.S.-based infrastructure and take websites used by Storm-1152 offline.

Microsoft

CISA: Russian Threat Actors Exploiting TeamCity Flaw

U.S. government agencies warn that Russian threat actors have been exploiting a known vulnerability in TeamCity since late September.

Russia

CISOs Gear Up For Compliance With SEC Cyber Regulations

The compliance deadlines for the SEC's cyber rules are this week, and CISOs have spent the last few months preparing in various ways.

CISO, Sec

Memory Safe: Phil Venables

In Decipher’s latest Memory Safe episode, Phil Venables, CISO at Google Cloud, talks about how he came to work in the cybersecurity space, how CISOs can help prop up potential future CISOs, and “striving for secure products, not security products.”

Memory Safe

New Initiative Seeks to Bring Collaboration to AI Security

The new AI Safety Initiative from the Cloud Security Alliance involves Amazon, Microsoft, and OpenAI in an effort to build a collaborative framework for AI security.

Lazarus Group Log4j Attacks Spread New Malware Families

The campaign indicates a “definitive shift” in the threat group’s tactics as it continues to rely on non-traditional technologies and frameworks for developing its malware.

Malware, Lazarus

Apache Fixes Critical Struts Flaw

The Apache Software Foundation has released updates to address a critical file upload vulnerability (CVE-2023-50164) in Struts.

Apache

Decipher Podcast: Source Code 12/8

Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.

Source Code

U.S., UK Sanction Russian APT Members

The NSA, UK's National Cyber Security Centre (NCSC) and Microsoft detailed recent changes in TTPs from a known Russian threat group.

Russia, Government Agencies

Decipher Podcast: Nathan Hamiel

Nathan Hamiel, senior director of research at Kudelski Security, talks about the intersection between AI and cybersecurity.

Researchers Detail Sierra Wireless Router Bugs

Researchers are detailing 21 recently patched vulnerabilities that impact certain Sierra Wireless routers, including one critical-severity and nine high-severity flaws.

Flaw

ColdFusion Exploit Used to Access Federal Agency

In two separate intrusions, attackers exploited a ColdFusion vulnerability (CVE-2023-26360) to compromise an unnamed federal government agency.

Government

Russian Group Targeting Exchange Flaw

Fancy Bear, also known as APT28 and Forest Blizzard, has been targeting a Microsoft Exchange flaw (CVE-2023-23397) against targets in Poland.

Russia, Microsoft