Security news that informs and inspires

All Articles

2376 articles:

Google Enables App-Bound Encryption in Chrome

In Chrome 127, Google has enabled a feature called app-bound encryption to protect cookies from malware.

Chrome, Google

The Fallout From the CrowdStrike Outage

Huntress security researchers John Hammond joins Dennis Fisher to discuss the continued fallout from the CrowdStrike outage on cybersecurity teams.

Crowdstrike, Video

Basta Ransomware Operator Tactics Undergo ‘Notable Shift’

UNC4393, a top Basta ransomware operator, has switched its initial access vector, showing the ongoing influences in the threat landscape a year after the Qakbot malware takedown.

Ransomware

Ransomware Groups Exploit VMware ESXi Flaw

The VMware ESXi flaw gives threat actors full administrative permissions on domain-joined hypervisors.

Vmware, Ransomware

U.S. Indicts Alleged Member of APT45 for Maui Ransomware Attacks

The Department of Justice has indicted Rim Jong Hyok for allegedly conducting Maui ransomware attacks as part of the APT45 group.

Ransomware, North Korea

Decipher Podcast: Tyler Healy

Tyler Healy, CISO of Digital Ocean, joins Dennis Fisher to discuss the unique challenges of defending a huge platform, how AI is changing things for defenders, and what new challenges AI might bring in the near future.

AI, Podcast

North Korean APT45 Goes for the Money

Mandiant researchers have graduated a North Korean threat group to APT45 and the FBI is warning about the group's focus on stealing sensitive data from military and critical infrastructure operators.

North Korea, Ransomware

Attackers Use CrowdStrike Incident as a Lure as Recovery Efforts Continue

The CrowdStrike Falcon update issue has become an attractive lure for cybercrime groups as affected organizations continue work to recover from the outage.

Crowdstrike, Microsoft, Phishing

Daggerfly APT Group Attacks Showcase Updated Tools

A known APT espionage group known as Daggerfly has updated its toolset in a number of recent attacks against organizations in Taiwan, as well as a U.S. non-governmental organization in China.

North Korea

CISA Warns of Phishing Attempts During CrowdStrike, Microsoft Outage Chaos

In a Friday statement, CISA said that it has observed threat actors taking advantage of the massive global outages, linked to a faulty CrowdStrike update, for phishing “and other malicious activity.”

Phishing

CrowdStrike Windows Update Linked to Global Outages

An issue with an update for CrowdStrike's Falcon sensor software has caused Windows machines to fail and is linked to Microsoft Azure outages around the world.

Microsoft, Crowdstrike

Digging Into FIN7’s Latest Tools and Tactics

FIN7 is a highly active and capable cybercrime group also known as Carbanak that has been evolving and using its own tools such as AvNeutralizer for many years. SentinelOne researchers Antonio Cocomazzi helps us dig into the group's tactics and tools.

Fin7, Cybercrime

APT41 Attacks Steal Data ‘Over an Extended Period’

APT41 compromised multiple organizations in the shipping and logistics, media, technology and automotive sectors.

Apt

Decipher Podcast: George Barnes

Former NSA Deputy Director George Barnes joins Dennis Fisher to talk about his 35-year career at the agency, how he came to be intrigued by the cybersecurity world, the emergence of Cyber Command as a force inside the government, and what he sees as the priorities for defenders now.

Podcast, NSA

After AT&T Breach, Senators Demand Answers

Members of the U.S. Senate Subcommittee on Privacy, Technology and the Law asked AT&T’s CEO “about how AT&T failed to protect such profoundly sensitive information from cybercriminals.”

Breach