Researchers with Microsoft on Wednesday said that the threat actor has used a “highly targeted” social engineering attack to hit 40 global organizations.
Researchers observed 94 new domains associated with a known Russia-linked espionage threat group.
Rapid7 researchers have found a new flaw (CVE-2023-35082) in Ivanti MobileIron Core 11.2 and earlier.
The actively exploited flaw in Ivanti Endpoint Manager Mobile can be used in conjunction with another zero day addressed last week.
The number of zero days detected in the wild in 2022 dropped 40 percent from the previous year, but researchers say that doesn't mean we're getting better at security.
Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.
In this CISO interview, Decipher talks to Dave Lewis, Global Advisory CISO at Cisco, about breaking barriers between CISOs and other players across the organization.
New requirements approved by the SEC this week will impact how publicly traded companies disclose cyber incidents, data risk management and oversight by the board of directors of security policies.
A new CISA analysis of risk and vulnerability assessments at government agencies shows that the use of valid credentials and spear phishing are still the most effective initial access vectors.
A new coalition of tech companies, including AT&T, Cisco, Verizon, and VMware, is aiming to address the challenges to global network resilience.
The Apple kernel flaw is the third bug related to the Operation Triangulation campaign.
The North Korean threat actor is leveraging the supply-chain attack to target MacOS keychains and reconnaissance data.
Atlassian has patched three nigh-risk vulnerabilities, two in its Confluence products and one in its Bamboo products.
Organizations are urged to apply patches for the flaw in Netscaler (formerly Citrix) ADC and Gateway products.
Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.