Security news that informs and inspires

SEARCH

All Articles

Browse by Category:
Duo Labs Industry Events Industry News passwords Product & Engineering
Browse by Tag:
Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware
2349 articles:

TSA Updates Security Requirements For Pipeline Operators

The revised Security Directive aims to give natural gas and oil pipeline operators more flexibility in how they implement security measures.

TSA, Operational Technology

New CosmicStrand UEFI Rootkit Variant Found

Kaspersky researchers have found a new UEFI rootkit called CosmicStrand that infects the firmware of some specific motherboards.

Malware, China

Decipher Podcast: Source Code 7/22

Welcome back to Source Code, Decipher’s weekly security news podcast with input from our sources.

Podcast, Source Code

Atlassian Warns Confluence Users of Critical Hardcoded Credentials Bug

After an external party publicly disclosed the hardcoded password on Twitter, Atlassian said the issue is "likely to be exploited in the wild."

Flaw, Atlassian

Threat Actor Targets Financial Entities With Evilnum Malware

The threat actor has been observed targeting companies with operations supporting foreign exchanges and cryptocurrency, and organizations in the Decentralized Finance (DeFi) industry.

Malware

Justice Department Seizes $500K From North Korean Ransomware Group

U.S. authorities seized a half million dollars and disrupted the activities of a North Korean state-sponsored group.

North Korea, Ransomware

CloudMensis macOS Malware Steals Sensitive Data

The previously undisclosed macOS malware was observed as part of a targeted operation with the end goal of exfiltrating sensitive information from victims.

Macos, Macos Security, Apple

Decipher Podcast: Mark Arena

Intel 471 CEO Mark Arena talks about the process behind monitoring threat actors and how cybercrime is evolving.

Podcast

FBI: Fake Cryptocurrency Apps Defrauded Hundreds of U.S. Investors

U.S. investors have been scammed out of millions by cybercriminals impersonating legitimate cryptocurrency investment apps.

Cryptocurrency

Decipher Podcast: Source Code 7/15

Welcome back to Source Code, Decipher’s weekly news wrap podcast with input from our sources.

Source Code

North Korean Threat Actors Target Small Businesses With Ransomware

The H0lyGh0st ransomware group has spent the last year targeting small and medium-sized businesses - but has not yet successfully extorted ransom payments from victims, said Microsoft researchers.

Microsoft, North Korea

Cyber Safety Review Board: Exploitation of ‘Endemic’ Log4j Flaw Will Evolve

The Cyber Safety Review Board’s report on the Log4j flaw pointed to an open-source software ecosystem riddled with security challenges.

Log4j

New Retbleed Speculative Execution Flaw Emerges

A new speculative execution flaw called Retbleed affects many AMD and Intel chips running any modern operating system.

Hardware Security, Intel, Spectre

U.S. Journalists Targeted in ‘Sustained Effort’ By APTs

The espionage attacks by APTs from China, North Korea and elsewhere started in 2021 and have continued in recent months.

Journalist Security

Ransomware Landscape Evolves in a Post-Conti World

The release of LockBit 3.0 is making waves in a ransomware ecosystem that has been reshaped due to Conti shutting down its operations.

Ransomware