Security news that informs and inspires

All Articles

2376 articles:

Q&A: Chris Morales

Chris Morales, CISO at Netenrich, has held various roles throughout his career before becoming a CISO, including ones advising and designing incident response and threat management programs for enterprise organizations.

CISO Q&a

US, German Authorities Take Down ChipMIxer Platform

U.S. and German law enforcement authorities have seized the assets and infrastructure of the ChipMixer cryptocurrency mixing platform, alleging it launders ransomware payments.

Ransomware

Winter Vivern APT Targeting Ukrainian, European Organizations

A low-profile attack group known as Winter Vivern has recently been targeting government and private organizations in Ukraine, Poland, Italy, and elsewhere.

Apt, Russia

Microsoft Patches Two Bugs Under Active Attack

In its March Patch Tuesday release, Microsoft has fixed two vulnerabilities (CVE-2023-23397) and (CVE-2023-24880) that have been exploited in the wild.

Microsoft

Decipher Podcast: Chris Wysopal Returns

Chris Wysopal, CTO and founder of Veracode, joins Dennis Fisher to dive into the new White House National Cybersecurity Strategy and discuss what's missing, how practical the pillars are, and when these ideas may be implemented.

Podcast

YoroTrooper Group Targets European, CIS Countries in Cyberespionage Campaigns

The newly identified YoroTrooper group is targeting embassies and government agencies in European and Commonwealth of Independent States countries in phishing campaigns.

Apt

Decipher Podcast: Courtney Nash Returns

Courtney Nash joins Dennis Fisher to talk about the 2022 VOID Report on incidents, why mean time to resolve is no longer a meaningful metric, whether the duration of an incident matters, and how organizations can get better at responding to an analyzing incidents.

Podcast

GitHub Begins Mandatory 2FA Rollout for Developers

Starting March 13, developers on GitHub will be required to enable some form of two-factor authentication for their accounts.

2fa, Github

Apache Patches Two Important Bugs in Web Server

The Apache Software Foundation has fixed two important security flaws in version 2.4.56 of its HTTP Server.

Apache

Europol Hits Alleged Members of DoppelPaymer Ransomware Group

Europol, along with law enforcement from Germany and Ukraine, arrested two alleged members of the DoppelPaymer ransomware group.

Ransomware

Decipher Podcast: Andrew Morris Returns

Andrew Morris, the founder and CEO of GreyNoise, joins Dennis Fisher to talk about software liability, the evolution of the security industry, and why we're not getting better at securing our systems.

Podcast

Q&A: Bryan Willett

Bryan Willett, CISO at Lexmark, talks about why a “silver bullet” doesn’t exist in security and what he describes as a “multi-pronged” approach to building out a security program.

CISO Q&a

LastPass Attacker Compromised Employee’s Personal Machine

An attacker who stole corporate and customer data from LastPass in 2022 gained initial access by compromising an engineer's personal computer.

Lastpass, Data Breach

CISA Director: ‘Strong Security Has to Be a Standard Feature’

CISA Director Jen Easterly called on technology companies to focus on building products more securely and to stop shifting the burden for safety to customers.

Government, SBOM, Software Security

Possible New Lazarus Group Backdoor Found

A new backdoor called WinorDLL that is potentially the work of the Lazarus Group has been found onn victim machines in several countries.

North Korea, Lazarus Group