Security news that informs and inspires

All Articles

2376 articles:

Stolen Citrix Credentials Led to Change Ransomware Attack

UnitedHealth Group's CEO revealed that attackers behind the hack gained initial access by leveraging compromised credentials for a Citrix application that didn’t have multi-factor authentication enabled.

Credentials

DHS Releases AI Security Guidance for Critical Infrastructure

The DHS guidelines outline how critical infrastructure entities can best be secured against the various risks associated with AI.

DHS, AI

Cactus Ransomware Group Targets Qlik Sense Servers

Cactus ransomware actors are targeting Qlik Sense servers with exploits for three separate vulnerabilities in an ongoing campaign.

Ransomware

Decipher Podcast: Source Code 4/26

Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.

Podcast, Source Code

NSA Advisory Sheds Light on Securely Deploying AI Systems

New guidelines from the NSA highlight best security practices for deploying and operating AI systems.

AI

Defusing the Threat of Compromised Credentials

Compromised credentials are at the root of many intrusions, but there are ways to reduce the threat from stolen credentials.

Identity, Credential Theft

Ransomware Task Force: We Need to Disrupt Operations at Scale

The Ransomware Task Force’s most recent report shows how the industry needs to rely on more than takedown operations in order to have more effective, long-term impacts in combating ransomware.

Video

Change Healthcare Says Attackers Accessed PHI and PII

The ransomware attack on Change Healthcare included the theft of PHI and PII, the company said.

Healthcare

Decipher Podcast: Lachlan McGill and Euan Moore

The Salvation Army's Lachlan McGill and Euan Moore talk about their experiences building a strong cybersecurity foundation, navigating the organization’s unique challenges and fostering a culture around security awareness.

Security Program, Podcast

Nation-State Actors Exploited Ivanti Bugs to Hit MITRE

The MITRE Corporation has disclosed a breach impacting one of its collaborative networks used for research, development and prototyping.

Ivanti, MITRE Att&ck

Russian Group Forest Blizzard Deploying GooseEgg Tool to Exploit CVE-2022-38028

A Russian threat group known as Forest Blizzard has been using a custom tool called GooseEgg to exploit a Windows Print Spooler (CVE-2022-38028) for several years.

Microsoft, Russia

A Decade of Sandworm: Digging into APT44’s Past and Future

Decipher’s Lindsey O’Donnell-Welch and Mandiant analysts Dan Black and Gabby Roncone reflect on the most pivotal moments from Sandworm over the last decade, from NotPetya to the Ukraine electric power grid attacks.

Apt, Video

Decipher Podcast: Source Code 4/19

Welcome back to the Source Code podcast, Decipher’s weekly news wrap podcast with input from our sources.

Source Code

OpenMetadata Bugs Enable Kubernetes Cryptomining Attacks

Threat actors have been exploiting known vulnerabilities in open-source platform OpenMetadata in order to access Kubernetes workloads and use them for cryptomining.

Kubernetes

Phishing Attack Targets LastPass Users’ Master Passwords

In order to convince LastPass users to hand over their passwords, attackers used a mix of phone calls, phishing emails and a phishing page under the domain “help-lastpass[.]com,” which has since been taken down.

Phishing