SEARCH
All Articles
Snowflake: Customer Accounts Targeted in ‘Identity-Based Attacks’
Ticketmaster and others companies are reportedly wrapped up in a series of attacks that target accounts without MFA.
Operation Endgame Targets Trickbot, IcedID, Other Botnets in Huge Disruption
Europol and other agencies disrupted several major malware families, including IcedID, Bymblebess, Trickbot, and Smokeloader in an action dubbed Operation Endgame.
Wyden: SEC, FTC Should Investigate UnitedHealth’s ‘Negligent’ Security Practices
The senator called for investigations into “negligent cybersecurity practices” by UnitedHealth Group after a ransomware attack on its subsidiary Change Healthcare.
Check Point Releases Fix For Zero-Day VPN Flaw
The flaw (CVE-2024-24919) could enable attackers to read certain information on Gateways if they are connected to the Internet and enabled with Remote Access VPN or Mobile Access.
U.S. Sanctions Three Chinese Nationals for Alleged Connection to 911 S5 Botnet
The Office of Foreign Asset Control has sanctioned three Chinese citizens for their alleged operation of the 911 S5 botnet.
Decipher Podcast: Sarah Powazek
Sarah Powazek, the Program Director of Public Interest Cybersecurity at the UC Berkeley Center for Long-Term Cybersecurity, joins Dennis Fisher to talk about her work in setting up Cybersecurity Clinics at high education institutions around the country to help bring knowledge and skills to underserved organizations.
North Korean Threat Actor Deploys New, Custom Ransomware
A new North Korean threat group called Moonstone Sleet relies on trojanized, legitimate software, deploys custom ransomware and creates fake companies to further trick victims in its campaigns.
Backdoor Found in Courtroom Recording Software Installer
Researchers are warning of an apparent supply chain attack via a specific version of JAVS Viewer, audio-visual recording software used for courtrooms.
Google Fixes Another Chrome Zero Day
Google has patched yet another Chrome zero day, this one a type confusion flaw in V8 (CVE-2024-5274).
Privacy, Security Concerns Mount Over Microsoft Recall Feature
Privacy experts are criticizing a new Microsoft screenshot feature called Recall on its recently announced Copilot Plus PCs.
Decipher Podcast: Caitlin Condon on the Attack Intelligence Report
Caitlin Condon of Rapid7 joins Dennis Fisher to dive into the juicy tidbits from the Rapid7 Attack iNtelligence Report, including the rise in attacks on zero days, ransomware proliferation, and why network edge devices remain a major problem.
Intercontinental Exchange Faces $10M Penalty Over Delayed Disclosure
The SEC has hit the owner of the New York Stock Exchange with a $10 million penalty, saying its subsidiaries failed to notify the commission in a timely manner of a cyber intrusion discovered in 2021.
Decipher Podcast: Chris Langford
Chris Langford, Director of Network, Infrastructure, and Cyber Security at the Lewisville Independent School District, talks about how having experience in the classroom has helped him from a cybersecurity perspective, and how we can best educate the next generation of students on cybersecurity best practices.
Kimsuky APT Using Newly Discovered Gomir Linux Backdoor
The North Korean Kimsuky APT group has been using a new Linux backdoor called Gomir in attacks on South Korean targets.
AI Security ‘Is a Software Problem’
Securing AI systems and LLMs seems like a daunting task, but experts say the same principles that apply to software security can be used to build safe AI systems.