All Articles

Browse by Category:

Browse by Tag:

Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware

2349 articles:

Decipher Podcast: Source Code 12/10

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Podcast, Source Code

Exploitation Attempts Ramp Up Against Critical Log4j Flaw

While a patch is available from the Apache Software Foundation, researchers say that numerous companies may need to wait until vendors push security updates out to their own products.

Apache, Java Exploit, Exploit Defense

Q&A: Wade Baker and Ben Edwards

Wade Baker and Ben Edwards of Cyentia Institute discuss the design and analysis of the data from the Cisco Security Outcomes Study.

Data Science

Emotet Shifts Gears, Drops Cobalt Strike Directly

New versions of Emotet have been dropping Cobalt Strike beacons directly, rather than relying on intermediate payloads such as Trickbot.

Emotet, Trickbot

Phishing Attacks Abuse Microsoft OAuth Implementations

Starting in February 2020, attackers have leveraged weaknesses that occur “by design” in OAuth 2.0 implementations from Microsoft and GitHub.

Oauth, Oauth Phishing, Microsoft

Decipher Podcast: Wade Baker and Ben Edwards

Wade Baker and Ben Edwards of the Cyentia Institute join Dennis Fisher to discuss the process of designing and interpreting the data from the Cisco Security Outcomes study, what surprised them from the data, and how organizations can use the study.

Podcast, Data Science

Mirai-Based Botnet Infects Vulnerable Surveillance Cameras

The Moobot botnet has been infecting popular surveillance cameras and using them in distributed denial-of-service (DDoS) attacks.

Botnet, Mirai

Google Disrupts Massive Glupteba Botnet

Google has taken down servers associated with the huge Glupteba botnet and also sued two alleged operators of the network.

Google, Botnet

Microsoft Seizes Sites From Chinese APT Group

Microsoft has disrupted "a key piece of infrastructure" used by the China-based threat group known as Nickel or APT15.

Microsoft, Cybercrime

New Guidance Pushes Federal Agencies Toward Automated Incident Reporting

New guidance from the White House requires CISA to develop policies for federal agencies to move toward automated security incident reporting.

CISA, Government

Cloud Service Provider Compromises Use CeeLoader Malware

Researchers have linked a malware loader, called CeeLoader, to the threat group behind the SolarWinds supply-chain attack.

Solarwinds, Malware

Decipher Podcast: Source Code 12/3

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Podcast, Source Code

TSA Issues Security Rules For Rail Operators

Several new Security Directives, released by the TSA, aim to improve the security postures of rail and aviation entities.

Government Agencies, Government Security, Transportation

APT Groups Exploiting Critical Flaw in ManageEngine ServiceDesk Plus

CISA and the FBI are warning that APT groups are exploiting a critical flaw (CVE-2021-44077) in the ManageEngine ServiceDesk Plus tool.

CISA

Malicious Chrome Extension, Backdoor Uncovered in Malware Campaign

A threat actor has been deploying web browser credential stealers, an undocumented backdoor and new Google Chrome malicious extension in an ongoing campaign.

Malware, Chrome Extensions, Google Chrome, Backdoors