Security news that informs and inspires

SEARCH

All Articles

Browse by Category:
Duo Labs Industry Events Industry News passwords Product & Engineering
Browse by Tag:
Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware
2349 articles:

Mozilla Fixes Critical Flaw in NSS Crypto Library

Mozilla has fixed a critical buffer overflow in its NSS cryptographic library that had been lurking in the code for several years.

Mozilla

APTs Leverage New RTF Phishing Tactic

Three APTs have been observed using RTF template injection, and researchers warn more threat groups may adopt the new tactic.

Phishing, Malware, Email

SIM Hijacking Attack Lands Hacking Group Member in Jail

The sentencing comes as the FCC grapples with how it can better safeguard consumers against SIM hijacking attempts.

Hacking, Government, Mobile Security

TA505 Seen Using P2P RAT in New Operations

The TA505 threat group known for using the Clop ransomware and Dridex trojan is now using a new P2P RAT.

Malware

VirusTotal Adds Collections Feature for Better Collaboration and Context

VirusTotal has added a Collections feature to enable better real-time sharing of IOCs and context around malicious files and URLs.

Malware

Ransomware Group Continually Rebrands to Slip Under Radar

Researchers warn that a ransomware group's constant rebranding and its small size has allowed for it to fly under the radar.

Ransomware, Malware, Critical Infrastructure

Q&A: Casey Ellis

Casey Ellis, founder, chairman and CTO of Bugcrowd, discusses the future of vulnerability disclosure programs.

Q&a, Vulnerability Disclosure

Apple Sues NSO Group

Apple has sued NSO Group for allegedly abusing the company's iCloud servers and injuring its customers.

Apple

Malware Samples Target Windows Installer Flaw

Researchers have uncovered malware samples that are targeting a local privilege escalation flaw in Windows Installer.

Windows, Microsoft, Zero Day

Decipher Podcast: Casey Ellis

Casey Ellis joins Lindsey O'Donnell-Welch to discuss the evolution, adoption and standardization of vulnerability disclosure programs - both in the U.S. and across the globe.

Podcast, Vulnerability Disclosure

BazarLoader Attacks Use Compromised Software Installers

Researchers have observed the BazarLoader information stealer now being spread via compromised versions of VLC and TeamViewer packages.

Malware, Ransomware

Imunify360 Flaw Can Lead to Code Execution

CloudLinux's Imunify360 security platform has a severe flaw (CVE-2021-21956) that can lead to remote code execution in some circumstances.

Linux

Attackers Exploit Known Microsoft Exchange Server Flaws to Hijack Emails

Cybercriminals are using the known ProxyLogon and ProxyShell vulnerabilities to hijack email threads in malware attacks.

Microsoft Exchange, Proxyshell

Attackers Using Suite of Tools to Exploit ManageEngine Flaw

An APT group is using a suite of tools, including KdcSponge, Godzilla, and NGLite, to exploit a known ManageEngine flaw and move laterally.

CISA

Decipher Podcast: Source Code 11/19

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Podcast