Security news that informs and inspires

All Articles

2376 articles:

Mandiant Releases Scanner for Citrix ADC Bug

Mandiant has released a scanner to identify appliances that have been compromised through exploitation of CVE-2023-3519.

Citrix

Decipher Podcast: John Checco

At Black Hat USA last week, John Checco, resident CISO at Proofpoint, talked about the new SEC cyber rule and its impact for CISOs.

Podcast, Black Hat USA

The Search For Secure By Design

The U.S. government wants product manufacturers to treat the security of customers as a core business requirement, but there are still challenges that need to be tackled.

Black Hat

Lapsus$ Analysis Finds Need for Better IAM, MFA Deployments

A detailed analysis of the activities of the Lapsus$ hacking group by the Cyber Safety Review Board shows that a focus on the basics and better usage of IAM and MFA technologies are highly effective defenses.

Government, Lapsus$

Decipher Podcast: Katelyn Bowden and TC Johnson

Katelyn Bowden and TC Johnson join Dennis Fisher to discuss the release of Veilid, a new protocol built by members of the Cult of the Dead Cow that is designed to bring true privacy and anonymity to users.

Podcast

CISA Director: We Need a ‘Sustainable’ Approach to Cybersecurity

Jen Easterly, director of CISA, said at Black Hat this week that the U.S. can learn important lessons on cyber resilience from how Ukraine has positioned its cyber defenses over the last decade.

Black Hat

Threat Actors Target Executives in EvilProxy-Powered Phishing Attacks

Attackers sent 120,000 phishing emails to over 100 organizations worldwide between March and June.

Phishing, Phishing Kits

Google to Patch Chrome Weekly

Beginning with Chrome 117, Google will ship stable channel updates on a weekly basis.

Google

Microsoft Fixes 73 Flaws in August Patch Tuesday

Microsoft fixed one actively exploited vulnerability in its August Patch Tuesday releases, along with 72 other bugs.

Microsoft

Attacks Against Citrix CVE-2023-3519 Bug Escalate

Three separate campaigns are targeting the critical flaw (CVE-2023-3519) in Citrix NetScaler ADC and Gateway devices.

Citrix

White House Wants to Bolster School District Cybersecurity

According to the White House, during the last academic year at least eight K-12 school districts in the U.S. were impacted by significant cyberattacks, and four of those caused schools to cancel classes or close completely.

Education, Ransomware

Microsoft Criticized Over ‘Irresponsible’ Patching Timeline

Microsoft was criticized after it took five months to fully patch an issue in its Power platform.

Microsoft

CISA: Old Bugs Still Get the Most Attention From Attackers

An analysis by CISA of commonly exploited vulnerabilities in 2022 shows that most of the targeted flaws are at least a year old and many are much older than that.

Government, CISO

Decipher Podcast: Black Hat USA Preview

Decipher editors Lindsey O'Donnell-Welch and Dennis Fisher discuss the top sessions, keynotes and trends to look out for at Black Hat USA in Las Vegas next week.

Source Code, Podcast

Decipher Podcast: Chris Kirsch

Chris Kirsch, CEO of runZero, joins Dennis Fisher to talk about the problem of trying to secure what you don't know you have, asset management, and his history in the original crypto war.

Podcast