All Articles

Browse by Category:

Browse by Tag:

Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware

2349 articles:

Russian Government, Cybercriminal Cooperation a ‘Force Multiplier’

The Russian government's tolerance and sometime cooperation with the cybercriime groups in the country makes the threat from both factions even more serious, US officials say.

Russia, Rsa2022

Lawmakers Release Federal Data Privacy Draft Bill

The draft bill looks at several key issues related to data privacy in the U.S., including data collection and sharing policies, opt-out practices and more.

Data Privacy

Decipher Podcast: Source Code 6/3

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Source Code, Podcast

GitLab Patches Critical Account Takeover Flaw

The critical flaw (CVE-2022-1680) can allow for account takeover in impacted installations that have not been upgraded.

Gitlab

Zero Day in Atlassian Confluence Under Attack

A newly disclosed zero day in some versions of Atlassian Confluence and Data Center is under attack and being used to install webshells on target servers.

Atlassian

Evil Corp Affiliates Deploy LockBit Ransomware to Sidestep Sanctions

A threat cluster with significant overlap to the Evil Corp cybercriminal gang has started deploying the LockBit ransomware in an effort to evade U.S. sanctions.

Ransomware, Lockbit

CISA Warns of Karakurt Extortion Group

The Karakurt data extortion group is stealing sensitive information from enterprises and holding it for ransom, CISA warns.

Ransomware, CISA

Enterprise Ransomware Attacks Are Getting Faster

The average ransomware attack duration - from the initial access to the deployment of the ransomware payload at scale - was under four days in 2021.

Ransomware

Attackers Continue to Target Critical WSO2 Flaw

Weeks after the disclosure of the vulnerability (CVE-2022-29464) in WSO2 products, attackers are leveraging the flaw to install Linux-compatible Cobalt Strike beacons, cryptocurrency miners and more.

Wso2, Vulnerability

Cheerscrypt Linux-Based Ransomware Targets VMware ESXi Servers

The new Linux-based ransomware is only the latest to target VMware ESXi servers.

Linux

Exploits Target Zero Day in Windows and Office

A zero day flaw (CVE-2022-30190) in Windows and Office is under active attack and MIcrosoft has not issued a patch yet.

Microsoft

Interpol Arrests Alleged Head of BEC Cybercrime Syndicate

Interpol and private-sector companies announced the arrest of the alleged leader of a well-known phishing and BEC group.

BEC

Ransomware Safe Havens, Reporting Inconsistencies Trouble Authorities

Despite the U.S. government adopting many recommendations by the Ransomware Task Force in combating ransomware, authorities still grapple with several challenges that enable the ransomware ecosystem to thrive.

Ransomware, Ransomware Task Force

Cisco Patches Serious Flaw in IOS

Cisco has patched a flaw in IOS XR that can allow an attacker to write arbitrary files to the Redis instance.

Vulnerability

Decipher Podcast: Source Code 5/20

Welcome back to Source Code, Decipher’s weekly news wrap podcast.

Source Code