All Articles

Browse by Category:

Browse by Tag:

Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware

2349 articles:

NSA Director: ‘We Need Speed, Agility, and Unity of Effort’

Joint partnerships between the government and private sector are helping to harden U.S. networks and address ongoing threats.

Government

FIN7 Evolves With New Malware, Initial Access Tactics

The threat group has been using a new initial access vector and a novel malware family in the first stages of its attack.

Malware, Cybercrime, Fin7

Decipher Podcast: Source Code 4/1

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Source Code, Podcast

GitLab Fixes Critical Account-Takeover Bug

GitLab has patched a critical vulnerability caused by hardcoded passwords in several versions.

Gitlab

Local Government Ransomware Attacks Disrupt Public Services

Ransomware attacks on local governments over the past year have resulted in various public service disturbances, from disabling jail surveillance cameras to disrupting COVID-19 vaccination appointment scheduling.

Ransomware, Local Government, State and Local Government

Log4Shell Attacks by Chinese APT Reveal Windows Rootkit

After investigating the Deep Panda APT's recent exploitation attempts of the Log4j flaw, researchers uncovered a new kernel rootkit.

APT, Rootkit, Log4j

Researchers Warn of RCE Bug in Spring Framework

A remote code execution flaw in the Spring Java framework has been uncovered, and exploits are circulating in some places.

Java

Law Enforcement Agencies Arrested 65 in BEC Crackdown

A widespread, international crackdown on business email compromise resulted in the arrest of 65 suspects.

Business Email Compromise, Fbi

CISA Warns of Attacks on UPS Devices

CISA is warning enterprises about ongoing attacks against Internet-connected UPS devices and encouraging them to change default credentials and enforce MFA.

CISA, Iot Security

Decipher Podcast: Caitlin Condon

Caitlin Condon, vulnerability research manager at Rapid7, talks about the rise of “widespread threats,” how the time to exploitation by attackers has shifted and what that means for security teams.

Podcast, Zero Day

FBI: Election Officials in Nine States Received Phishing Emails

U.S. election officials and other state and local government officials received invoice-themed phishing emails aiming to steal their credentials, warned the FBI.

Election Security, Elections, Phishing

IcedID Thread-Hijacking Attack Uses Compromised Exchange Servers

Attackers are using compromised Microsoft Exchange servers to launch thread-hijacking attacks that infect victims with the IcedID malware.

Malware, Phishing

Urgent Update for Chrome Fixes Zero Day Under Attack

Google has patched a zero day in the V8 engine in Chrome that is under active attack.

Google

Decipher Podcast: Source Code 3/25

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Source Code, Podcast

Azure Developers Targeted By Malicious NPM Packages

A recent campaign targeted Azure developers with malicious npm packages designed to look like legitimate tools.

Supply Chain