Security news that informs and inspires

SEARCH

All Articles

Browse by Category:
Duo Labs Industry Events Industry News passwords Product & Engineering
Browse by Tag:
Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware
2376 articles:

Attackers Deploy Multiple RATs in Phishing Campaign

The Nanocore RAT, Netwire RAT and AsyncRAT are being spread through a phishing email that contains a downloader with multiple layers of obfuscation.

Remote Access Trojan, Phishing

APT35 Executes PowerShell-Based Malware in Log4j Flaw Attacks

The Iran-linked threat actor is exploiting the infamous Log4j bug in order to execute a new PowerShell data exfiltration toolkit.

Apt35, Log4j, Malware

China-Based Actors Using Log4Shell Bug for Ransomware Deployment

Threat actors known as DEV-0401 based in China are exploiting the Log4Shell vulnerability to deploy the NightSky ransomware.

Log4j

Q&A: Crane Hassold

Crane Hassold, with Abnormal Security, recently joined Lindsey O’Donnell-Welch on the Decipher podcast to talk about why business email compromise attacks are still a top financially damaging threat today.

Business Email Compromise, Email, Q&a

Microsoft Details Previously Fixed MacOS Flaw

Apple fixed the macOS vulnerability in a December security update.

Apple, Microsoft, Macos, Macos Security

Decipher Podcast: Crane Hassold

In a podcast discussion with Lindsey O'Donnell-Welch, Crane Hassold with Abnormal Security discusses how business email compromise attackers are getting savvier and best practices to defend against BEC attacks.

Podcast, Business Email Compromise

Researchers Find Log4Shell Type Flaw in H2 Database Console

Researchers have found a Log4Shell-like flaw in the H2 database console, which allows remote code execution.

Log4j

Attacks Target Log4j Bug in VMware Horizon

An unknown threat group is exploiting the Log4j vulnerability in VMware Horizon servers to install webshells for further malicious activity.

Log4j, Vmware

CISA: Federal Agencies Taking Steps to Address Log4j Flaw

CISA said that thousands of internet-connected assets have been mitigated by federal agencies under its Emergency Directive that addressed the Log4j flaw.

CISA, Government Agencies, Log4j

Meta Lawsuit Cracks Down on Facebook Phishing Scams

A new lawsuit from Meta seeks to uncover the operators behind 39,000 phishing sites that have attempted to steal Facebook, Instagram and WhatsApp users' credentials.

Facebook, Phishing

Decipher Podcast: 2021 Year in Review

Lindsey O'Donnell-Welch and Dennis Fisher look back on a wild year in cybersecurity and discuss the ongoing ransomware problem, the increase in zero days used in the wild, our favorite stories and podcasts of the year, and more.

Podcast

AvosLocker Ransomware Attacks Spike

The emergence of AvosLocker is part of an overarching shift in the RaaS ecosystem over the latter half of 2021.

Ransomware

Decipher Podcast: Sherrod DeGrippo

Proofpoint's Sherrod DeGrippo discusses the top malware trends of the past year, including Emotet's takedown and eventual return.

Podcast, Emotet, Malware

Deciphering Die Hard 2

Zoe Lindsey, Pete Baker, and Dennis Fisher sit down to talk about Die Hard 2, the forgotten member of the Die Hard series, which is not a Christmas movie. It is, however, a movie with a lot of great hacking and social engineering scenes, and Bruce Willis spewing one-liners like a 1950s standup comic.

Hacker Movies, Podcast

Decipher Library: Holiday Edition 2021

The editors of Decipher have compiled a list of book recommendations for you to enjoy during the holiday break.

Library, Books