Security news that informs and inspires

SEARCH

All Articles

Browse by Category:
Duo Labs Industry Events Industry News passwords Product & Engineering
Browse by Tag:
Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware
2376 articles:

Q&A: Dinah Davis

Dinah Davis, VP of research and development operations at Arctic Wolf, discusses the challenges facing the cybersecurity industry when it comes to diversity and amplifying the voices of women.

Women in Tech, Women in Security

AstraLocker Ransomware Spread in ‘Smash and Grab’ Attacks

A new variant of the AstraLocker found being deployed directly in Microsoft Office attachments reflects a focus by attackers on making a big impact and getting a quick payout.

Ransomware

Decipher Podcast: John Hultquist

John Hultquist, VP of Mandiant Intelligence, talks about new Mandiant research that exposes a Chinese information operation campaign targeting U.S., Canadian and Australian rare earths mining companies.

Podcast

Bringing Ransomware Infrastructure Into the Light

Researchers from Cisco Talos were able to de-anonymize the infrastructure used by several ransomware groups, including Quantum, Snatch, and DarkAngels.

Ransomware

Emotet Office Macros Abuse Continues Despite Microsoft Protections

Researchers found hundreds of malicious Office documents being used to download Emotet in June.

Emotet

Remote Memory Corruption Bug Found in OpenSSL 3.0.4

A remotely exploitable memory corruption bug has been identified in OpenSSL 3.0.4 on x64 systems with the AVX512 instruction set.

Openssl

Decipher Podcast: Source Code 6/24

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Podcast, Source Code

Chinese Threat Actor Uses Ransomware as a ‘Smokescreen’ For Espionage

Researchers say evidence points to Chinese-based Bronze Starlight using five different ransomware families as a method to disguise its actual goal of espionage.

China, Ransomware

APT Groups Still Exploiting Log4Shell in VMware Products

APT teams are still exploiting the Log4Shell flaw in VMware Horizon and Unified Access Gateway, six months after the initial disclosure.

Log4j, CISA

Russian Actors Focus on Confluence Flaw

The majority of exploitation attempts against the recent Atlassian Confluence bug (CVE-2022-36134) are coming from Russia.

Atlassian

BEC Actors Diverge From Traditional Attacks

Business email compromise (BEC) groups are more heavily relying on attacks that impersonate third-party vendors or suppliers, as opposed to traditional attacks that mimicked executives.

Business Email Compromise

AvosLocker Ransomware Deployed in Log4Shell Attack

An AvosLocker ransomware attack exploited the Log4j bug in VMware Horizon servers.

Ransomware

Decipher Podcast: Daniel dos Santos

Daniel dos Santos, head of security research with Forescout, talks about a set of over 50 vulnerabilities discovered in operational technology (OT) devices from 10 different vendors.

Podcast, Operational Technology

New ToddyCat APT Targets Exchange Servers

An APT group dubbed ToddyCat has emerged to target Exchange servers in organizations across Asia and Europe.

Apt

The Cat and Mouse Game of Crypto Money Laundering

Ransomware actors are getting better at laundering their proceeds from attacks - but law enforcement authorities are also getting better at tracking illicit cryptocurrency funds down.

Cryptocurrency, Ransomware