Security news that informs and inspires

SEARCH

All Articles

Browse by Category:
Duo Labs Industry Events Industry News passwords Product & Engineering
Browse by Tag:
Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware
2349 articles:

New Alchimist C2 Framework Emerges

Researchers at Cisco Talos have uncovered a new all-in-one C2 framework called Alchimist that has implants called Insekt for Windows and Linux.

Malware

Decipher Podcast: David Agranovich

David Agranovich, director of threat disruption with Meta, discusses how threat groups are evolving their targeting of social media platforms in malware and espionage campaigns.

Facebook, Podcast

Microsoft Fixes Actively Exploited Windows Privilege-Escalation Bug

Meanwhile, two exploited Exchange flaws that publicly emerged two weeks ago were not addressed in Microsoft’s update.

Microsoft, Patch Tuesday

Hardcoded Private Key Leads to Full Control of Some Siemens PLCs

A newly discovered flaw (CVE-2022-38465) in some Siemens S7 PLCs can allow an attacker to extract the hardcoded private key of the controller and gain complete control.

ICS, Siemens

Caffeine: A ‘Readily Accessible’ Phishing-as-a-Service Platform

Researchers said a new phishing-as-a-service platform features an entirely open registration process that makes it easier for cybercriminals to leverage.

Phishing, Phishing Kits

Q&A: Juan Andres Guerrero-Saade

Juan Andres Guerrero-Saade, senior director at SentinelLabs, discusses the newly discovered Metador APT group.

Metador

Log4j, ProxyLogon Among Top Flaws Exploited by Chinese Threat Groups

The NSA, FBI and CISA revealed the top CVEs exploited since 2020 by Chinese threat actors to gain initial access to sensitive networks.

Log4j, China

Researchers Warn of Unpatched, Actively Exploited Zimbra Flaw

Zimbra has published mitigations against the actively exploited flaw (CVE-2022-41352) in Zimbra Collaboration Suite; however, it has yet to issue a fix.

Zimbra, Vulnerability

Decipher Podcast: Source Code 10/7

Welcome back to Source Code, Decipher’s weekly news wrap podcast.

Podcast, Source Code

Decipher Podcast: Juan Andres Guerrero-Saade

Dennis Fisher talks with Juan Andres Guerrero-Saade, senior director at SentinelLabs, about the investigation into the new Metador APT group that he and his colleagues unveiled at LabsCon recently.

Podcast

APTs Stole Sensitive Data From Defense Industrial Base Facility

The FBI, NSA and CISA are highlighting IoCs and TTPs used in an attack on a defense industrial base organization that leveraged compromised credentials, a custom data exfiltration tool and the Impacket open-source toolkit.

APT

CISA Directive Aims to Help Federal Agencies Detect Flaws on Network

CISA hopes the new directive will improve and provide measurable processes for asset detection and vulnerability discovery across U.S. federal agencies.

Federal Cybersecurity

Bumblebee Loader Evolves to Drop New Payloads

The Bumblebee malware loader is delivering separate payloads for different machines and using new evasion techniques.

Malware

Lazarus Group Exploited Dell Driver Flaw to Disable Windows Monitoring Features

Researchers said the Lazarus Group attacks were the first recorded abuse of the known Dell driver flaw (CVE-2021-21551) in the wild.

Dell, Windows

Attackers Exploiting Two Microsoft Exchange Zero Days

Attackers are exploiting two new Microsoft Exchange zero days ( CVE-2022-41040 and CVE-2022-41082) in the wild. Microsoft is working on a patch.

Microsoft, Zero Day