Security news that informs and inspires

All Articles

2349 articles:

China’s Big Data Boom Spurs a Flourishing Underground Economy

As part of a prosperous Chinese-language underground economy, cybercriminals are illegally monetizing big data by selling it to scammers, threat groups or even marketers.

Cybercrime, Big Data, China

More Malware Targets M1-Based Macs

A recent variant of the XCSSET malware has the capability to infect ARM M1-based Macs in addition to x86-based machines.

macOS, Apple

New Bill Would Curb the Export of Americans’ Data

The newly proposed U.S. draft bill would introduce a license requirement for foreign companies to trade U.S. citizens’ personal information.

Data Privacy, Government, Regulation

Popular Codecov Bash Uploader Tool Compromised

The Codecov Bash Uploader tool, used widely in many development environments, was compromised in January, potentially causing serious downstream problems.

Supply Chain

Russian APT Group Actively Exploiting Flaws, U.S. Agencies Warn

The U.S. federal agency advisory on the active exploits of five flaws comes in tandem with the U.S. government formally attributing the SolarWinds supply-chain attack to Russian Foreign Intelligence Service (SVR) actors.

APT, SolarWinds, Government Agencies, Government

U.S. Sanctions Russia in Wake of Recent Cyber Attacks

The U.S. has imposed new economic sanctions against the Russian government and several IT security companies in the wake of the SolarWinds intrusion and other attacks.

Government, Russia

Lazarus Group Adds JavaScript Sniffer to Cryptocurrency-Stealing Arsenal

The Lazarus threat group utilized a modified JavaScript sniffer to steal cryptocurrency from unsuspecting e-commerce website consumers.

Threat Actors, APT, Ecommerce Security, Cryptocurrency

Decipher Podcast: Patrick Wardle Returns

Mac security researcher Patrick Wardle joins Dennis Fisher to talk about the evolution of Mac malware, the relative security of macOS to other platforms, and Apple's current approach to platform safety.

Podcast

FBI Uses Warrant to Remove Webshells From Compromised Exchange Servers

The FBI issued remote commands to compromised Exchange servers to remove webshells with the authority of a court order.

Government, Microsoft

IoT, Industrial Devices Impacted By Name:Wreck Vulnerabilities

Researchers found nine flaws that highlight the weaknesses of DNS protocol implementations in TCP/IP network communication stacks.

IoT Security, DNS Security, DNS

Microsoft Fixes Windows Zero Day Exploited in the Wild, Four More Exchange Flaws

Microsoft has released patches for a Windows bug that is being exploited in the wild and for four new Exchange vulnerabilities.

Microsoft, Patch Tuesday

Threat Groups Prey on Mobile With Evolving Malware, Tactics

Up to 97 percent of organizations reported facing mobile threats that used multiple attack vectors during 2020, as cybercriminals continue to adopt new tactics to target mobile devices.

Mobile, Malware, Banking Malware, Android

Biden to Nominate Former NSA Official Easterly to Head CISA

President Biden plans to nominate Jen Easterly, a former Army officer and NSA official, to head the Cybersecurity and Infrastructure Security Agency.

Government, CISA

IcedID Trojan Finding New Ways to Slip Past Defenses

The IcedID trojan is taking up some of the slack left behind when the Emotet botnet was taken down, with new evasion and infection flows.

Malware

Iron Tiger APT Updates Toolkit in 18-Month Malware Campaign

An 18-month malware campaign on a gambling company reveals how the Iron Tiger threat group has updated its toolkit.

APT, Malware, Attacker, Remote Access Trojan, Backdoors