Security news that informs and inspires

All Articles

2376 articles:

Threat Actor Targets Transportation Firms in Malware Campaigns

Researchers detailed a threat actor that has launched campaigns targeting the transportation and manufacturing sector for five years.

Threat Actors, Malware

Linux Kernel Stack Overflow Patched

A remotely exploitable stack overflow (CVE-2022-0435) in the TIPC module of the Linux kernel has been patched.

Linux

Q&A: Chris Eng

Chris Eng, chief research officer at Veracode, recently joined Dennis Fisher on the Decipher podcast to talk about the company's new State of Software Security report and trends in enterprise security.

Software Security

Decipher Podcast: Chris Eng

Chris Eng of Veracode joins Dennis Fisher to talk about the company's new State of Software Security report and what's driving the increase in enterprises scanning their apps for vulnerabilities.

Podcast, Vulnerabilities

FBI: BlackByte Ransomware Targeted Critical Infrastructure

The ransomware-as-a-service (RaaS) group has compromised organizations across the government, financial and food and agriculture sectors since November.

Ransomware, Critical Infrastructure

Decipher Podcast: Source Code 2/11

Welcome back to Source Code, Decipher’s weekly news podcast with input from our sources.

Podcast, Source Code

Apple Fixes Zero Day in iOS, macOS

Apple has fixed a WebKit zero day in iOS and macOS that attackers are exploiting.

Apple

Bill Would Mandate Critical Infrastructure Cyber Incident Reporting

A newly introduced legislative package would require cyber incident reporting for critical infrastructure entities.

Critical Infrastructure

Decipher Podcast: Allan Liska

Allan Liska, with Recorded Future, talks about the challenges that organizations face in implementing security measures against ransomware, and how ransomware actors are evolving their tactics.

Podcast, Ransomware

EARN IT Act Revival Renews Debate Over Online Privacy

Senators discussed the controversial act during a Judiciary Committee meeting on Thursday.

Privacy, Encryption

CISA Warns of Intensifying Ransomware Threat

CISA, the FBI, and international partners warned that ransomware groups are increasingly diversifying and targeting a wider range of organizations.

Ransomware

Microsoft to Block Macros by Default in Office Apps

Microsoft is blocking macros by default for Office, which it hopes will make abuse by cybercriminals more difficult.

Microsoft, Spear Phishing, Email

Collaboration Key to Log4j Response

The cooperative efforts of the private sector and CISA's Joint Cyber Defense Collaborative helped limit the damage of the recent Log4j vulnerability.

Log4j, Government

DoJ Seizes $3.6 Billion in Bitcoin Stolen From Bitfinex Hack

U.S. officials arrested two individuals and seized $3.6 billion in bitcoin related to the 2016 Bitfinex hack.

Cryptocurrency, Cyberattack

Microsoft Details Malware Attacks on Ukrainian Organizations

Microsoft said the Actinium threat group (also known as Gamaredon) has been observed targeting government, military and law enforcement organizations in Ukraine with spear-phishing emails.

Malware, Russia