Security news that informs and inspires

SEARCH

All Articles

Browse by Category:
Duo Labs Industry Events Industry News passwords Product & Engineering
Browse by Tag:
Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware
2349 articles:

Ransomware Targets VMware ESXi Flaw

A wave of ransomware attacks is targeting VMware ESXi servers that are vulnerable to CVE-2021-21974.

Vmware, Ransomware

Linux Variant of Cl0p Ransomware Emerges

A Linux version of the Cl0p ransomware has been identified, but it has a flaw in its encryption routine that allowed researchers to build a decryptor for it.

Ransomware, Cl0p

Q&A: Wendy Nather

Wendy Nather, who leads the Advisory CISO team at Cisco, talks about the shift of security from a control organization to a service organization.

CISO Q&a

Atlassian Patches Critical Flaw in Jira

Atlassian has fixed a critical authentication bypass flaw in Jira Service Management.

Atlassian, Jira

Decipher Podcast: Michelle Finneran Dennedy

Michelle Finneran Dennedy, co-founder of Privacy Code and co-author of The Privacy Engineer's Manifesto, joins Dennis Fisher to talk about her new startup, her path from studying psychology to becoming the first chief privacy officer at Sun and Cisco, and what everyone gets wrong about privacy.

Podcast, Privacy

The Bigger the Party, the Bigger the Risks

New data compiled by Cyentia Institute and SecurityScorecard shows that 98 percent of organizations have a direct relationship with a company that has been breached recently.

Data Breach

New Flaw in F5 BIG-IP Emerges

A new vulnerability has emerged in the F5 BIG-IP security appliances that can allow an attacker to crash the device.

F5

Exploit Attempts Against Fortinet VPN Bug Surge

Exploit traffic against the Fortinet VPN CVE-2022-43475 vulnerability have spiked in recent weeks.

Fortinet

VMware Fixes vRealize Log Insight RCE Bugs

Researchers have developed an exploit for a group of vulnerabilities in VMware vRealize Log Insight that can lead to remote code execution as root.

Vmware

GitHub Says Attacker Stole Encrypted Code-Signing Certificates for Desktop and Atom

An attacker exfiltrated three encrypted code-signing certificates from GitHub used to sign versions of Desktop for Mac and Atom.

Github

ISC Patches Serious DoS Flaw in BIND

The ISC has released a fix for a serious denial-of-service vulnerability in many versions of BIND 9.

DNS

U.S. Takes Down Hive Ransomware Infrastructure

The FBI and international alw enforcement agencies have taken down the Hive ransomware infrastructure.

Ransomware

Google Cracks Down on Dragonbridge Pro-China Information Operation

Google has disrupted more than 50,000 accounts linked to the Dragonbridge pro-China information operation in the last year.

China

Attacker Stole GoTo Customer Backups and Encryption Key

GoTo says an attacker stole some encrypted customer backups as well as an encryption key for some of those databases.

Lastpass, Data Breach

North Korean Attackers TA444 Shift Tactics

The TA444 threat group has changed its tactics in recent weeks, moving to new delivery methods and payloads.

North Korea