SEARCH
All Articles
CISA: RansomHub Ransomware Has Hit 210 Victims
A new advisory by CISA and the FBI warned of recent attacks by RansomHub and said that the group and its affiliates have successfully hit over 210 victims since its inception in February.
Attacks Target Recent Apache OFBiz Bug
CISA warns that the CVE-2024-38856 Apache OFBiz flaw disclosed earlier this month is being actively exploited.
U.S. Government Warns of Iran-Based UNC757 Attacks
CISA and the FBI are warning of activity by the Iran-based UNC757 group, which includes the targeting of known Check Point and Palo Alto Networks vulnerabilities.
Decipher Podcast: Reddit’s Matt Johansen on Identity Attacks, Enterprise Security, and Burnout
Reddit's head of application security Matt Johansen joins Dennis Fisher to talk about the highlights of Black Hat USA, the challenges of sorting security priorities in a large enterprise, and how he's learned to take care of his mental health after many years in the security industry.
Chinese APT Exploits Versa Networks Zero-Day Flaw
The vulnerability impacts versions of Versa Director prior to 22.1.4, and Versa Networks recommends that impacted users update to the fixed version as soon as possible.
The Problem With Vulnerability Management: ‘We Can’t Just Patch All the Things’
The vulnerability management space continues to be a big challenge for organizations.
SonicWall Fixes Critical Firewall Flaw
SonicWall has patched a critical vulnerability (CVE-2024-40766) in many of its next-gen firewall devices that could lead to unauthorized access.
Qilin Ransomware Attack Targets Credentials Stored in Chrome
The incident illustrates the importance of multi-factor authentication and the insecure nature of browser-based password managers.
SolarWinds Warns of Web Help Desk Hardcoded Credential Bug
Hotfixes are available for both a hardcoded credential flaw and a deserialization remote code execution flaw in SolarWinds Web Help Desk.
Google Fixes Zero-Day Chrome Flaw in V8
The fixed versions of Chrome 128 will roll out over the coming days and weeks, said Google.
New MoonPeak RAT Linked to North Korean Actors
Cisco Talos researchers found a remote access trojan called “MoonPeak,” which is being used in North Korean-linked campaigns.
SEC Fines Transfer Agent After Cyber Incidents
The transfer agent failed “to assure that client securities and funds were protected against theft or misuse,” according to the SEC.
Decipher Podcast: Rebekah Brown and John Scott-Railton on COLDRIVER and Russian Cyberespionage
Rebekah Brown and John Scott-Railton of the Citizen Lab join Dennis Fisher to dive into their group's new report on highly targeted spear phishing campaigns by the Russian threat actor COLDRIVER and then discuss the emergence of a new, possibly related group called COLDWASTREL.
Chainalysis: Ransomware Payment Sizes Spike in 2024
2024 is on track to be a record year for ransomware payment sizes - but the good news is overall, ransomware victims are paying ransoms less often.
APT42 Intensifies Phishing Campaigns Against U.S., Israeli Targets
In the past six months, the U.S. and Israel made up 60 percent of APT42’s known geographic targeting, according to new research.