All Articles

Browse by Category:

Browse by Tag:

Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware

2376 articles:

Biden’s Cyber EO Ushered in Era of ‘Renewed Focus,’ But Challenges Remain

Government officials cited progress a year after Biden's executive order, but stressed that "there's more work to do."

Mfa, Zero Trust

NVIDIA Fixes Serious Flaws in GPU Driver

NVIDIA has released an update to fix a number of serious code-execution flaws in its GPU display driver that could be used to perform guest-to-host escapes.

Vulnerability

DoJ: Venezuelan Doctor Behind Thanos Ransomware Builder

A 55-year-old Venezuelan cardiologist is allegedly behind the Jigsaw v.2 ransomware and the Thanos builder.

Ransomware

Exploitation Attempts Start for Zyxel RCE Bug

A recently patched Zyxel firewall bug can allow bad actors to launch remote code execution attacks.

Rce

Researchers Demo Relay Attack Against Bluetooth LE Systems

NCC Group researchers have shown a novel relay attack against Bluetooth Low Energy proximity authentication systems.

Bluetooth Security

Trio of Serious Bugs Fixed in SonicWall SSL VPNs

Three serious flaws, including an authentication bypass, a shared hard-coded encryption key, and an open redirect, have been patched in the SonicWall SMA 1000 SSL VPNs.

Vulnerabilities, Sonicwall

Iran-Linked Threat Group Targeted U.S. Orgs in Financially Motivated Attacks

A local government and philanthropic company have been targeted by the known Cobalt Mirage Iran-linked threat group in recent months.

Cybercrime

Decipher Podcast: Source Code 5/13

Welcome back to Source Code, Decipher’s weekly security news podcast.

Source Code, Podcast

New Google Team to Help Critical Open Source Projects Improve Security

Google is creating a new Open Source Maintenance Crew to aid critical open source projects up their security game.

Google, Open Source Security

IceApple Post-Exploitation Framework Deployed on Exchange Servers

Researchers have discovered a sophisticated post-exploitation framework being deployed on Microsoft Exchange servers to assist threat actors with credential harvesting and local reconnaissance.

Malware, Microsoft

Cyberattacks Against MSPs Continue to Escalate

Cybersecurity authorities from numerous counties warn that cybercriminals are increasingly targeting managed service providers (MSPs).

Managed Service Providers

White House Adds Three Key Cybersecurity Officials

National Cyber Director Chris Inglis has added three officials to his team, including Kemba Eneas Walden, Rob Knake, and Neal Higgins.

Government, Ransomware

After Microsoft Macro Malware Crackdown, Attackers Explore New Options

After Microsoft started blocking macros obtained from the internet by default, email attackers are exploring alternative techniques to distribute Emotet, Qakbot, IcedID and other payloads.

Malware, Microsoft

U.S. Offers $15M in Rewards for Conti Ransomware Group Information

The U.S. government is offering monetary rewards for information about Conti's leaders, affiliates and operators.

Ransomware

Exploits Emerge for Critical F5 Flaw

Exploits for the critical F5 BIG-IP flaw (CVE-2022-1388) are now circulating online and malicious actors are scanning for it.