SEARCH
All Articles
VMware Patches Critical Authentication Bypass Bug
The patch is available two weeks after the vulnerability was first disclosed on Nov. 14.
Apple Fixes Two Actively Exploited WebKit Bugs
The bugs (CVE-2023-42916 and CVE-2023-42917) enable sensitive information disclosure and arbitrary code execution.
U.S. and Allies Sanction Kimsuky Actors
The US and several allies have sanctioned eight North Korean nationals, including alleged members of the Kimsuky APT group.
CISA: Threat Actors Targeting Unitronics Devices Used in Water Facilities
CISA is urging water facilities in the critical infrastructure sector to change the default passwords on their Unitronics devices and disconnect them from the internet after a water treatment facility in Pennsylvania was hit by a cyberattack.
Okta Says Breach Affected All Support Customers
Okta officials said that the September intrusion in its customer support system affected every company in the Okta system.
Memory Safe: Shamla Naidoo
Shamla Naidoo of Netskope joins Dennis Fisher to discuss her journey from network admin to CISO.
International Operation Leads to Ransomware Ringleader Arrest
In a series of raids across Ukraine, the agencies apprehended several individuals that allegedly belong to the group, which has encrypted over 250 servers and cost large corporations several hundreds of millions of euros.
Ardent Health Services Impacted By Ransomware Attack
On the heels of a ransomware attack, Ardent said facilities are rescheduling elective procedures and diverting some emergency room patients to other local hospitals until systems are back online.
New AI Guidelines Focus on Safety and Security of Models, Data
New AI guidelines authored by CISA and the UK's NCSC stress the importance of secure design, development, deployment, and operation of AI models and tools.
Stealthy Malware Leverages MQTT Protocol in Spam Campaigns
Researchers observed thousands of spam emails delivering the WailingCrab malware that were sent to targets in North and South America, Europe and Asia.
Decipher Podcast: What We’re Thankful For
Dennis Fisher and Lindsey O'Donnell-Welch talk about some of things in the security community they're thankful for, and a couple of things they're not.
CISA Warns of Widespread Exploitation of Citrix Bleed Flaw
Citrix is urging impacted customers to update, but also recommends that they remove any active or persistent sessions and look for patterns of suspicious session use.
Morgan Stanley Fined $6.5M, Must Take Security Measures
The fine stems from two previously known Morgan Stanley data security incidents.
Four Threat Groups Targeted Zimbra Collaboration Flaw
Google's Threat Analysis Group has identified four separate campaigns targeting the Zimbra Collaboration vulnerability (CVE-2023-37580) in recent months.
Memory Safe: Merritt Baer
Merritt Baer, field CISO at Lacework and former member of the AWS office of the CISO, joins Lindsey O'Donnel-Welch in this week's Memory Safe episode to discuss her career arc, finding a true seat at the table as a security executive, and security as a business enabler.