According to the latest Cisco Talos Incident Response Quarterly Trends report, instances related to MFA were involved in some capacity in half of all security incidents that the Talos team responded to in the first quarter of 2024.
The flaws include a critical-severity MOVEit Transfer authentication bypass bug (CVE-2024-5806).
A Chinese APT known as ChamelGang has been deploying the CatB ransomware in some intrusions around the world.
The European Council has sanctioned six individuals allegedly tied to the Wizard Spider, Armageddon and Callisto threat groups.
Metin Kortak, CISO with Rhymetec, talks about how organizations are approaching data privacy and security compliance, and thinking about risk management policies, when it comes to generative AI in the workplace.
Cisco Talos researchers have linked known Gh0stRAT campaigns targeting public and private sector entities to a Chinese-speaking threat actor called SneakyChef.
Packet Tide has fixed a group of XSS vulnerabilities and an open HTTP redirection bug in its ExpressionEngine content management system, some of which could give an attacker admin access.
A new deep-dive investigation into the known UNC3886 gives insight into how the China-linked threat actor “operates in a sophisticated, cautious, and evasive nature.”
Two critical vulnerabilities in VMware's vCenter Server centralized management utility could allow remote code execution.
In the 1995 classic Heat, the character Kelso is an old-school hacker with a background as a DARPA scientist who uses his knowledge to sell scores to criminals. Meg Gardiner, Casey Ellis, and Dennis Fisher discuss his connection to the hacker ethos.
A recent proposal in discussion in the European Union Council would mandate "upload moderation" of encrypted content, something that would break encryption for everyone, Singal's president said.
Researchers have been tracking a social engineering technique in ongoing attacks where a pop-up message gives end users instructions to manually copy and paste a malicious script, leading to the deployment of malware.
Michael Mann's 1995 thriller Heat is considered by many people to be the best crime movie ever made. And hidden inside the intricate plot is a story of a lone hacker with a background at DARPA who uses his skills to set up scores for the crews in LA's underworld. Meg Gardiner, the co-author of Heat 2, and Casey Ellis, cofounder of Bugcrowd, join Dennis Fisher to dig into the technological and psychological details of this modern masterpiece. This is Deciphering Heat.
The release of the Recall feature in Copilot Plus PCs will now be delayed on the heels of backlash from the security and privacy communities.
In this virtual Decipher event, we bring together industry experts to discuss the realistic challenges and practical use cases of AI in the cybersecurity space, and how defenders can approach AI risk management issues across their organizations.