SEARCH
All Articles
Interpol Arrests Possible Magecart Attackers in Indonesia
Three people arrested in Indonesia for using web skimmers to steal payment card details from websites may be linked to one of the groups operating under the Magecart umbrella.
Experts Worry Crypto War Two May Go the Other Way
If the US government moves to weaken strong encryption, it could have severe consequences for users around the world, experts say.
Citrix Releases Patches for ADC Flaw
Citrix has released patches for the CVE-2019-19781 vulnerability in its ADC and Gateway appliances.
Emotet Sets Sights on Military and Government Targets
A recent Emotet malware campaign is homing in on victims in the military and government sectors.
Senators Propose Cybersecurity Coordinators for Every State
A bipartisan group of Senators are interested in establishing a cybersecurity leader for each state in order to increase the states' abilities to respond to cyberattacks.
New Tool Detects Indicators of Compromise for Citrix Systems
Citrix and FireEye Mandiant have released a scanner that can detect some indicators of compromise related to the CVE-2019-19781 vulnerability.
Ransomware Attacks Factory Honeypot
The latest investigation by Trend Micro Research observed multiple instances of fraud and ransomware attacks on networks with industrial control systems. For these organizations, sophisticated malware like Stuxnet and Triton aren't their biggest headaches.
Unpatched IE Vulnerability Under Active Attack
A new Internet Explorer vulnerability (CVE-2020-0674) is being used in targeted attacks and Microsoft does not have a patch available right now.
Decipher Podcast: Kenn White on the Windows Crypto Bug
Kenn White joins Dennis Fisher to discuss the details of the CVE-2020-0601 Windows crypto vulnerability that the NSA disclosed to Microsoft.
Kubernetes Launches Bug Bounty
Kubernetes has launched a public bug bounty program with support from Google.
Citrix ADC Exploits Appear With No Patch Available Yet
Exploits for the CVE-2019-19781 Citrix ADC vulnerability are available on GitHub while patches are still a week away.
Microsoft Patches Flaw in Windows Cryptography Component
Microsoft fixed a vulnerability in a cryptography component used by Windows 10 and Windows Server. If exploited, attackers would be able to pass off malicious software as legitimate, thus undermining digital trust.
Industry Groups Don’t Like Commerce Department’s Supply Chain Security Rules
Multiple business groups have pushed back on the Department of Commerce's proposed supply chain rules on information and communications technology supply chain security due to vague language and undefined scope.
‘We Can’t Be Complacent’ About the Crypto Debate
The encryption debate is as old as the Internet, and Jennifer Granick warns that giving ground now could have serious long-term effects.
Microsoft Mines Events Logs for RDP Brute-Force Attacks
Microsoft looked at Windows Events Log to understand what RDP brute-force attacks looked like in the enterprise, and found that attackers frequently space out the login attempts over several days to avoid detection.