All Articles

2349 articles:

More APTs Eye Managed Service Providers in Supply Chain Attacks

Overall, threat actors aligned with Russian, Iranian and North Korean state interests have increasingly targeted small and medium-sized businesses.

Managed Service Providers

Decipher Podcast: Megan Stifel Returns

Megan Stifel, chief strategy officer for the Institute for Security and Technology and executive director of the Ransomware Task Force, talks about the multitude of efforts being made in tackling the ransomware threat landscape.

Podcast, Ransomware Task Force, Ransomware

BlackCat Ransomware Actors Use Malicious Drivers to Evade Detection

Researchers said that malicious Windows kernel drivers will continue to be used by sophisticated groups that have the skills and resources needed to develop such tools.

Ransomware, Windows

Lazarus Group Targets IIS Servers

The Lazarus Group has been compromising vulnerable IIS servers in an ongoing campaign.

North Korea

Apple Fixes Three Actively Exploited WebKit Flaws

The Apple vulnerabilities (CVE-2023-32409, CVE-2023-28204 and CVE-2023-32373) exist in WebKit.

Apple, WebKit, iOS

Decipher Podcast: Source Code 5/19

Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.

Podcast, Source Code

Malicious NPM Packages Hid TurkoRat Infostealer

Researchers said that it "is difficult to measure" the potential long-term impact of TurkoRat infections on developer systems.

npm Packages, Malware

MacOS Attackers Likely to Abuse Go-Based Cobalt Strike Variant

Researchers warn that a Go-based implementation of Cobalt Strike beacons, called "Geacon," is lucrative for threat actors in attacks targeting macOS.

macOS, Cobalt Strike

CISA Warns BianLian Ransomware Group Has Moved to Extortion Model

In a new advisory, the FBI and CISA warn that the BianLian ransomware group has moved to a data theft and extortion model.

Ransomware

U.S. Hits Alleged Key Ransomware Actor With Charges, Sanctions

The Russian national allegedly used three well-known ransomware variants - LockBit, Babuk and Hive - to target critical infrastructure victims.

Ransomware, LockBit, Hive

Microsoft Azure Serial Console Abused in UNC3944 Attacks

A UNC3944 attack highlights how threat actors can abuse legitimate cloud resources for various purposes after compromising the Azure administrator's account.

Azure, Azure AD, Microsoft

Camaro Dragon Group Targets Routers With Malicious Firmware

A Chinese state-affiliated attack group known as Camaro Dragon is targeting some TP-Link routers to install malicious firmware images.

China

Newly Discovered Backdoor Used in Lancefly APT Attacks

A "powerful" backdoor has been uncovered in highly targeted, intel-gathering APT attacks.

APT, Backdoors

Decipher Podcast: Source Code 5/12

Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.

Source Code, Podcast

Ransomware Group Exploits PaperCut Flaw in Education Sector Cyberattacks

CISA warned that a ransomware group exploited vulnerable PaperCut servers in May in order to target the education facilities subsector.

Ransomware, Education