All Articles

2349 articles:

Van Buren Decision Narrows CFAA Interpretation

The Supreme Court's decision in the Van Buren case has narrowed the interpretation of the Computer Fraud and Abuse Act, providing more leeway for security research.

CFAA, Government

Securing the Open Source Software Supply Chain

Improving the security of the open source software supply chain will require better understanding of dependencies, and cooperation from developers and users.

Open Source, Supply Chain

Deciphering Real Genius

Dennis Fisher, Zoe Lindsey, and Pete Baker ride a cart through the steam tunnels to meet at the Pacific Tech lab, crank up the laser, and ponder the immortal words of Socrates, who said, "I drank what?" Get your giant tinfoil ball of popcorn ready for Real Genius!

Podcast, Hacker Movies

House Bill Would Ban States From Weakening Encryption

The ENCRYPT Act reintroduced in the House of Representatives last week would prevent states from passing laws to weaken or ban encryption.

Government, Encryption

U.S. Seizes Domains Used in Nobelium Phishing Campaign

The Department of Justice seized two domains used in the Nobelium spear-phishing campaign that impersonated the United States Agency for International Development.

Government, Russia

Nobelium Phishing Campaign Targets Government Agencies, NGOs

A phishing campaign by the Russian actor known as Nobelium impersonated the United States Agency for International Development while targeting government agencies and humanitarian groups.

Russia, Government

Chinese Cyber Espionage Actors Continue to Zero In on Pulse Secure Bugs

Two Chinese cyberespionage groups are targeting flaws in Pulse Secure VPN devices to compromise government and private networks in the U.S. and Europe.

China

Ingredient List Only Part of the Recipe to Fix Supply Chain Security

The requirement for vendors to provide a software bill of materials for the apps they sell to federal agencies will only address part of the supply chain risk, experts say.

Government, Software Security, SolarWinds

Apple Fixes MacOS Flaw Abused in XCSSET Malware Attacks

Researchers uncovered a flaw in macOS that could allow attackers to access permissions, such as screen recording, on victim devices without the user's approval.

Apple, Vulnerability, Malware, Zero Day

VMware Patches Critical Flaw in vCenter

VMware has released updates for a critical flaw in several versions of its vCenter Server virtualization product that can be used for remote code execution.

VMware

Cyber Insurance Industry Grapples With Evolving Security Risks

As demand for cyber insurance skyrockets, insurers are scrutinizing specific security risk factors more carefully when determining the cost and affordability of coverage.

Cybersecurity Insurance

DarkSide Affiliates Looking to Get Paid in Full

The shutdown of the DarkSide ransomware group has affiliates seeking resolution for unpaid ransom fees.

Ransomware

Decipher Podcast: Troy Hunt

Lindsey O'Donnell-Welch talks with Troy Hunt, founder of Have I Been Pwned, about the biggest challenges facing the security industry when it comes to credential stuffing and data breaches.

Podcast, Data Breaches

Phorpiex and the Versatility of Botnets

Decade-old botnets continue to adapt to the current threat landscape, as seen through the wide-ranging malicious activities of the resilient Phorpiex botnet.

Botnet, Phorpiex, Ransomware

Q&A: Kimberly Goody

Kimberly Goody of the FireEye cyber crime analysis team explains the ransomware-as-a-service model and the recent changes some groups have made to their operations.

Ransomware