Security news that informs and inspires

All Articles

2376 articles:

APT Actors Exploited Known Zoho, Fortinet Flaws to Hit Aeronautical Org

Fixes for both the Zoho and Fortinet vulnerabilities have been available since last year.

Apt, Fortinet

U.S., U.K. Hit Trickbot Group With Fresh Sanctions

The Department of the Treasury and the U.K. government have sanctioned 11 alleged members of the Trickbot group and say the group is allied with Russian intelligence.

Trickbot, Russia

Microsoft: Compromised Account, Series of Errors Led to Email Cloud Hack

Microsoft answered lingering questions about how China-based threat actors acquired a Microsoft account consumer signing key, leading to the previously disclosed hack of several Outlook accounts.

Microsoft

W3LL Phishing Kit Targets Microsoft 365 Accounts

A threat group, active for six years, has created an underground marketplace where it sells at least 16 custom tools and an advanced phishing kit to a clientele of at least 500 threat actors.

Phishing

Adversaries Shift Tactics in Attacks on Citrix NetScaler Flaw

Attackers are continuing to adjust their tactics in their attacks against Citrix devices vulnerable to the CVE-2023-3519 flaw.

Citrix

Xen Fixes Cache Flaw

The Xen Project has released an update to address a bug (CVE-2023-34321) that can allow a guest to read sensitive data from another's guest's memory.

Xen

Exploit Code For Critical VMware Bug Published

Exploit code has been published for a critical-severity flaw in VMware's network monitoring tool, the company said on Thursday.

Exploit, Vmware

Analyzing the Qakbot Disruption

Decipher editors Dennis Fisher and Lindsey O'Donnell-Welch discuss the FBI's disruption of the Qakbot malware operation and what it might mean for the larger malware ecosystem.

Qakbot

Decipher Podcast: Source Code 9/1

Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.

Source Code, Podcast

Splunk Patches ANSI Bug in ITSI

Splunk has released updates to fix an odd bug that allows an attacker to inject special codes into log files, potentially leading to remote code execution.

Splunk

New Cyber Espionage Campaign Targets Tech, Government Entities

The newly discovered threat group compromises companies and then moves laterally on the network, exfiltrating data, logging keystrokes and more along the way.

Government

Tech Companies Mull Strategies to Block Threat Groups From Abusing Platforms

Researchers recently examined more than 400 malware families and found that 25 percent of them abused legitimate internet services as part of their attack infrastructure.

Google, Microsoft

White House Advisory Group: Water Sector Needs Cybersecurity National Standard

The White House advisory group acknowledged that water providers face various cybersecurity workforce and budgetary issues.

White House, Critical Infrastructure

Researchers Detail New Backdoors Used in Barracuda ESG Attacks

Mandiant researchers said that a “limited number” of previously impacted victims remain at risk.

Barracuda, Backdoors

Attackers Target Juniper SRX and EX Flaws

Adversaries are targeting flaws in Juniper's EX and SRX series devices that can be chained together to gain remote code execution.

Juniper