SEARCH
All Articles
Play Ransomware Group Using New ProxyNotShell Exploit
Play ransomware actors have been using a previously undocumented exploitation method for the ProxyNotShell Exchange flaws.
Q&A: Andy Greenberg
Andy Greenberg, author and journalist at Wired, recently joined Dennis Fisher on the Decipher podcast to discuss his new book Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency, which tells the stories of the people who hunted the operators of several major dark web markets.
Q&A: Helen Patton
Helen Patton, CISO for the Security Business Group at Cisco, discusses why it’s vital for CISOs to be able to “talk about security things in non-security ways with non-security people.”
Ukrainian Organizations Hit With New Supply Chain Attack
Mandiant researchers recently discovered a new software supply chain attack that targeted Ukrainian government agencies with trojanized Windows installers.
Microsoft-Signed Malicious Driver Used in Pre-Ransomware Intrusions
Researchers have found a malicious driver signed by Microsoft used in the lead up to Hive and Cuba ransomware deployments.
Decipher Podcast: Andy Greenberg on Tracers in the Dark
Wired journalist and author Andy Greenberg joins Dennis Fisher to discuss his new book Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency, which tells the stories of the agents, academics, and security experts who tracked the admins of the Silk Road, AlphaBay, and other darknet markets through specialized blockchain tracing techniques.
APT5 Exploiting New Flaw in Citrix ADC and Gateway
APT5, a Chinese threat group, has used a newly discovered flaw (CVE-2022-27518) in Citrix ADC and Gateway to target a small number of organizations.
CISA Warns of Serious Flaws in Rockwell Automations PLCs
CISA is warning about a denial-of-service flaw in several lives of Rockwell Automation controllers, as well as a SQL injection bug in Advantech iView.
Fortinet Warns New Critical Fortigate Bug Has Been Exploited
A new critical vulnerability (CVE-2022-42475) in Fortinet's Fortigate firewall has been actively exploited.
Apple to Encrypt iCloud Backups, Enable Hardware Security Keys for 2FA
Apple plans to enable end-to-end encryption for iCloud backups and allow people to use hardware security keys for 2FA in the coming months.
Cobalt Mirage Actors Deploying Drokbk Malware in Recent Campaigns
The Iranian Cobalt Mirage threat group has been using the Drokbk malware in recent intrusions and employing GitHub repositories as dead drop resolvers.
Q&A: Haroon Meer
Haroon Meer, hacker and founder of Thinkst, talks with Dennis Fisher about the current economic downturn and its effects on the security industry, as well as the value of listening to customers.
North Korean APT37 Used Internet Explorer Zero Day
A North Korean state-backed actor known for targeting South Korean victims recently used an Internet Explorer zero day (CVE-2022-41128).
Decipher Podcast: Haroon Meer Returns
Haroon Meer of Thinkst joins Dennis Fisher to talk about the state of the security industry, the value of treating customers with respect, and what the economic downturn could mean for the security community.
Trio of MegaRAC BMC Flaws Could Have Long Range Effects
Three vulnerabilities in the MegaRAC BMC firmware affect a long list of servers and could have seriious long term effects.