Security news that informs and inspires

All Articles

2349 articles:

Decipher Podcast: Daniel dos Santos

Daniel dos Santos, head of security research with Forescout, talks about a set of over 50 vulnerabilities discovered in operational technology (OT) devices from 10 different vendors.

Podcast, Operational Technology

New ToddyCat APT Targets Exchange Servers

An APT group dubbed ToddyCat has emerged to target Exchange servers in organizations across Asia and Europe.

APT

The Cat and Mouse Game of Crypto Money Laundering

Ransomware actors are getting better at laundering their proceeds from attacks - but law enforcement authorities are also getting better at tracking illicit cryptocurrency funds down.

Cryptocurrency, Ransomware

Decipher Podcast: Source Code 6/17

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Source Code

CISA Releases New Proposed Cloud Security Guidance

CISA is asking for public comment on a new set of cloud security guidance for federal agencies.

Government, Cloud Security

Microsoft Windows Update Fixes Known, Actively Exploited Flaw

Microsoft issued a patch for the Follina vulnerability, which was first disclosed in May and has been under active exploitation by attackers.

Microsoft

U.S., Israeli Officials Targeted in Spear-Phishing Operation

A targeted spear-phishing operation leveraged sophisticated social engineering tactics in order to collect personal information about high-ranking officials in the U.S. and Israel.

Spear Phishing

Attackers Exploit Confluence Bug to Drop Ransomware, Webshells

Exploitation of a critical, recently patched Atlassian Confluence bug continues to ramp up.

Atlassian, RCE

Prolific Ransomware Affiliate Groups Deploy BlackCat

The BlackCat RaaS continues to pose a bigger threat as two well-known ransomware affiliates have added the payload to their arsenals.

Ransomware

‘Highly Evasive’ Malware Targets Linux Systems

A new "highly-evasive" Linux malware leverages the Berkeley Packet Filter (BPF) hooking functionality to hide malicious network traffic.

Malware

U.S. Government Puts Pressure on Chinese State-Sponsored Actors

NSA Cybersecurity Director Rob Joyce detailed how authorities are cracking down on Chinese state-sponsored actors at RSA.

NSA, China

Ransomware Actors Leaning on DNS Tunneling

Ransomware groups are using DNS tunneling more and more as a way to exfiltrate data and send commands to infected machines.

DNS, Ransomware

SVCReady Malware Emerges in Phishing Campaigns

A newly discovered malware loader is under active development and is executed via shellcode stored in a Word document.

Malware

Hydra Market Takedown Has Had Lasting Effects

The takedown of the infamous Hydra market has had lasting effects on the cybercrime underground and cryptocurrency laundering ecosystem.

RSA2022, Cryptocurrency

Law Enforcement Seizes Cybercriminal Marketplace That Sold PII

The DoJ announced the takedown of the SSNDOB marketplace, a series of websites used for years to sell the personal information of 24 million U.S. citizens.

Dark Web