All Articles

Browse by Category:

Browse by Tag:

Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware

2376 articles:

Attackers Exploiting ManageEngine CVE-2022-47966 Flaw

Active exploitation of the CVE-2022-47966 ManageEngine flaw is underway.

Vulnerability, Exploit

U.S. Arrests Alleged Operator of Bitzlato Crypto Exchange

U.S. authorities have arrested Anatoly Legkodymov, the Russian alleged operator of the Bitzlato cryptocurrency exchange, which they say was a major hub for cybercriminal activity.

Cryptocurrency, Russia

LNK Files Link Bumblebee With Qakbot, IcedID Malware

By looking at metadata in LNK files in recent campaigns, Talos researchers have linked the Bumblebee malware with the Qakbot and IcedID malware groups.

Malware

CISA Warns of Serious Flaws in CONPROSYS HMI Software

A set of serious flaws in the Contec CONPROSYS HMI software that could allow remote code execution have been addressed in an update.

ICS

Bill Would Provide Funding for Security Research on Energy Infrastructure

A new bill would provide funding for security research at the university level into threats to the energy sector.

Critical Infrastructure, Government

Attacks Target Control Web Panel Flaw

Exploit attempts are ramping up against a flaw in Control Web Panel that allows unauthenticated remote code execution.

Linux

Decipher Podcast: Chris Eng on the State of Software Security

Chris Eng, chief research officer at Veracode, joins Dennis Fisher to discuss the company's new State of Software Security report, whether we're getting better at fixing bugs, and the fragility of open source projects an the software supply chain.

Podcast

MegaCortex Ransomware Decryptor Released

BitDefender has released a decryption tool for the MegaCortex ransomware variant.

Ransomware

Q&A: Sounil Yu

Sounil Yu, CISO at JupiterOne, talks about imposter syndrome and pinpointing gaps in organizations’ security programs.

CISO Q&a

CircleCI Warns Customers to Rotate Secrets After Security Incident

CircelCI said it is investigating a security incident and warned customers to rotate all of the secrets stored in the service.

Supply Chain Security

Fortinet Fixes Serious Flaw in FortiADC

Fortinet has patched a serious bug (CVE-2022-39947) in its FortiADC application delivery controllers.

Fortinet

Deciphering Home Alone

Kevin McCallister may not be a hacker or even own a computer (as far as we know), but no one embodies the hacker ethic better than he does, an eight-year-old boy left alone at Christmas who is forced to use his imagination and creativity to defend a prime target and lure his adversaries into his trap. This is Deciphering Home Alone.

Podcast, Hacker Movies

Play Ransomware Group Using New ProxyNotShell Exploit

Play ransomware actors have been using a previously undocumented exploitation method for the ProxyNotShell Exchange flaws.

Ransomware, Microsoft

Q&A: Andy Greenberg

Andy Greenberg, author and journalist at Wired, recently joined Dennis Fisher on the Decipher podcast to discuss his new book Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency, which tells the stories of the people who hunted the operators of several major dark web markets.

Cryptocurrency

Q&A: Helen Patton

Helen Patton, CISO for the Security Business Group at Cisco, discusses why it’s vital for CISOs to be able to “talk about security things in non-security ways with non-security people.”

CISO Q&a