Security news that informs and inspires

All Articles

2376 articles:

APT29 Phishing Attack Targets German Political Parties

Researchers observed APT29 using phishing emails in order to target German political parties with a new backdoor variant in late February.

Apt29

U.S. Sanctions, Indicts Alleged Members of Chinese APT31

The U.S. has announced sanctions against a Chinese state-backed company and two individuals, as well as indictments against seven people alleged to part of China's APT31 threat group.

China

Q&A: Karen Habercoss

Karen Habercoss, chief privacy officer with UChicago Medicine, talks to Decipher about the unique data privacy and security challenges that the healthcare sector faces, and how organizations in this industry are approaching areas like AI and identity management.

AI, Identity Management, Healthcare

Ransomware, Backdoors Deployed in JetBrains Flaw Attacks

Researchers released further details about exploitation campaigns targeting the critical-severity JetBrains flaw.

Ransomware

Threat Actor Exploits F5, ConnectWise Flaws to Target U.S. Orgs

A threat actor has been observed exploiting various previously disclosed flaws to gain access to various U.S. governments and research organizations.

Exploit

TinyTurla-NG Backdoor Has Big Capabilities

New research shows the TinyTurla-NG backdoor uses the Chisel open-source attack framework for some communications and has a variety of post-compromise capabilities.

Russia

Ivanti Patches Critical RCE Standalone Sentry Flaw

At the time of disclosure, Ivanti said it is not currently aware of the flaw being exploited.

Vulnerability

U.S. Government Doubles Down on Chinese APT Warnings

“The PRC’s inside the house,” said Andrew Scott, associate director for China operations with the U.S. Cybersecurity and Infrastructure Security Agency (CISA).

Supply Chain

New AcidPour Wiper Malware Found in Ukraine

SentinelLabs researchers have discovered a new wiper malware called AcidPour in Ukraine, which appears to be a new version of the AcidRain malware.

Russia, Malware

Decipher Podcast: Brian Donohue on the 2024 Threat Detection Report

Brian Donohue of Red Canary joins Dennis Fisher to talk about some of the surprising findings from the company's new 2024 Threat Detection Report, including why identity based attacks continue to work so well and how attackers are approaching the shift to the cloud.

Podcast

DHS Charts Out AI Security Strategy

The Department of Homeland Security said cybersecurity is a significant challenge for AI and it plans to work to identify the security risks that are associated with these technologies.

AI

Decipher Podcast: Source Code 3/15

Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.

Source Code

HHS to Probe Change Healthcare Attack

The Department of Health and Human Services will investigate the ransomware attack on Change Healthcare to see whether any consumer health information was compromised.

Government, Ransomware

No Easy Fix For Untangling Web of Critical Dependencies

The Change Healthcare ransomware attack shows it's difficult to map out - or even identify - the systems that would have the biggest impact if attacked.

CISA

Microsoft Fixes Critical Windows Hyper-V Flaws

Microsoft has patched critical-severity flaws in Windows Hyper-V as part of its regularly scheduled updates, which contained no zero-day flaws this month.

Microsoft