Security news that informs and inspires

All Articles

2376 articles:

New Backdoor Used By Iranian State-Sponsored Group

The backdoor is being used for intelligence gathering campaigns against U.S. organizations in the government, communications equipment, oil and gas and satellite sectors.

Iran

Attacks Target Recent Apache OFBiz Bug

CISA warns that the CVE-2024-38856 Apache OFBiz flaw disclosed earlier this month is being actively exploited.

Apache

U.S. Government Warns of Iran-Based UNC757 Attacks

CISA and the FBI are warning of activity by the Iran-based UNC757 group, which includes the targeting of known Check Point and Palo Alto Networks vulnerabilities.

Iran

Chinese APT Exploits Versa Networks Zero-Day Flaw

The vulnerability impacts versions of Versa Director prior to 22.1.4, and Versa Networks recommends that impacted users update to the fixed version as soon as possible.

Apt

Decipher Podcast: Reddit’s Matt Johansen on Identity Attacks, Enterprise Security, and Burnout

Reddit's head of application security Matt Johansen joins Dennis Fisher to talk about the highlights of Black Hat USA, the challenges of sorting security priorities in a large enterprise, and how he's learned to take care of his mental health after many years in the security industry.

Podcast, Black Hat

The Problem With Vulnerability Management: ‘We Can’t Just Patch All the Things’

The vulnerability management space continues to be a big challenge for organizations.

Vulnerability Management

SonicWall Fixes Critical Firewall Flaw

SonicWall has patched a critical vulnerability (CVE-2024-40766) in many of its next-gen firewall devices that could lead to unauthorized access.

Sonicwall

Qilin Ransomware Attack Targets Credentials Stored in Chrome

The incident illustrates the importance of multi-factor authentication and the insecure nature of browser-based password managers.

Mfa

Google Fixes Zero-Day Chrome Flaw in V8

The fixed versions of Chrome 128 will roll out over the coming days and weeks, said Google.

Zero Day

SolarWinds Warns of Web Help Desk Hardcoded Credential Bug

Hotfixes are available for both a hardcoded credential flaw and a deserialization remote code execution flaw in SolarWinds Web Help Desk.

Vulnerability

New MoonPeak RAT Linked to North Korean Actors

Cisco Talos researchers found a remote access trojan called “MoonPeak,” which is being used in North Korean-linked campaigns.

Apt

SEC Fines Transfer Agent After Cyber Incidents

The transfer agent failed “to assure that client securities and funds were protected against theft or misuse,” according to the SEC.

SEC

Decipher Podcast: Rebekah Brown and John Scott-Railton on COLDRIVER and Russian Cyberespionage

Rebekah Brown and John Scott-Railton of the Citizen Lab join Dennis Fisher to dive into their group's new report on highly targeted spear phishing campaigns by the Russian threat actor COLDRIVER and then discuss the emergence of a new, possibly related group called COLDWASTREL.

Podcast, Russia

Chainalysis: Ransomware Payment Sizes Spike in 2024

2024 is on track to be a record year for ransomware payment sizes - but the good news is overall, ransomware victims are paying ransoms less often.

Ransomware

APT42 Intensifies Phishing Campaigns Against U.S., Israeli Targets

In the past six months, the U.S. and Israel made up 60 percent of APT42’s known geographic targeting, according to new research.

Phishing