Security news that informs and inspires

SEARCH

All Articles

Browse by Category:
Duo Labs Industry Events Industry News passwords Product & Engineering
Browse by Tag:
Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware
2349 articles:

CISA: Old Bugs Still Get the Most Attention From Attackers

An analysis by CISA of commonly exploited vulnerabilities in 2022 shows that most of the targeted flaws are at least a year old and many are much older than that.

Government, CISO

Decipher Podcast: Black Hat USA Preview

Decipher editors Lindsey O'Donnell-Welch and Dennis Fisher discuss the top sessions, keynotes and trends to look out for at Black Hat USA in Las Vegas next week.

Source Code, Podcast

Decipher Podcast: Chris Kirsch

Chris Kirsch, CEO of runZero, joins Dennis Fisher to talk about the problem of trying to secure what you don't know you have, asset management, and his history in the original crypto war.

Podcast

Russian Threat Actor Leverages Microsoft Teams in Phishing Attacks

Researchers with Microsoft on Wednesday said that the threat actor has used a “highly targeted” social engineering attack to hit 40 global organizations.

Microsoft, Phishing

Russia-Linked Group Resurfaces With New Infrastructure

Researchers observed 94 new domains associated with a known Russia-linked espionage threat group.

Phishing

New Ivanti MobileIron Core Bug Emerges

Rapid7 researchers have found a new flaw (CVE-2023-35082) in Ivanti MobileIron Core 11.2 and earlier.

Ivanti

Ivanti Patches Second Zero Day in Mobile Management Software

The actively exploited flaw in Ivanti Endpoint Manager Mobile can be used in conjunction with another zero day addressed last week.

Zero Day, Flaw

Less Than Zero Day: What’s Causing the Drop in Usage of Unknown Bugs

The number of zero days detected in the wild in 2022 dropped 40 percent from the previous year, but researchers say that doesn't mean we're getting better at security.

Zero Days, Google

Decipher Podcast: Source Code 7/28

Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.

Source Code, Podcast

CISO Interview: Dave Lewis

In this CISO interview, Decipher talks to Dave Lewis, Global Advisory CISO at Cisco, about breaking barriers between CISOs and other players across the organization.

CISO Interview

SEC Rule Will ‘Change Playbook’ on Cyber Incident Management

New requirements approved by the SEC this week will impact how publicly traded companies disclose cyber incidents, data risk management and oversight by the board of directors of security policies.

Incident Response, Ciso Concerns

CISA: Valid Accounts and Phishing Still Effective for Initial Access

A new CISA analysis of risk and vulnerability assessments at government agencies shows that the use of valid credentials and spear phishing are still the most effective initial access vectors.

Government

New Tech Coalition Aims to Improve Network Resilience

A new coalition of tech companies, including AT&T, Cisco, Verizon, and VMware, is aiming to address the challenges to global network resilience.

Government, Critical Infrastructure

Apple Fixes Actively Exploited Kernel Flaw

The Apple kernel flaw is the third bug related to the Operation Triangulation campaign.

Iphone Security, Macos, Apple

North Korean Attackers Target Cryptocurrency Via JumpCloud Compromise

The North Korean threat actor is leveraging the supply-chain attack to target MacOS keychains and reconnaissance data.

Supply Chain Security