Security news that informs and inspires

All Articles

2376 articles:

Decipher Podcast: Source Code 6/17

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Source Code

CISA Releases New Proposed Cloud Security Guidance

CISA is asking for public comment on a new set of cloud security guidance for federal agencies.

Government, Cloud Security

Microsoft Windows Update Fixes Known, Actively Exploited Flaw

Microsoft issued a patch for the Follina vulnerability, which was first disclosed in May and has been under active exploitation by attackers.

Microsoft

U.S., Israeli Officials Targeted in Spear-Phishing Operation

A targeted spear-phishing operation leveraged sophisticated social engineering tactics in order to collect personal information about high-ranking officials in the U.S. and Israel.

Spear Phishing

Attackers Exploit Confluence Bug to Drop Ransomware, Webshells

Exploitation of a critical, recently patched Atlassian Confluence bug continues to ramp up.

Atlassian, Rce

Prolific Ransomware Affiliate Groups Deploy BlackCat

The BlackCat RaaS continues to pose a bigger threat as two well-known ransomware affiliates have added the payload into their arsenal.

Ransomware

‘Highly Evasive’ Malware Targets Linux Systems

A new "highly-evasive" Linux malware leverages the Berkeley Packet Filter (BPF) hooking functionality to hide malicious network traffic.

Malware

U.S. Government Puts Pressure on Chinese State-Sponsored Actors

NSA Cybersecurity Director Rob Joyce detailed how authorities are cracking down on Chinese state-sponsored actors at RSA.

NSA, China

Ransomware Actors Leaning on DNS Tunneling

Ransomware groups are using DNS tunneling more and more as a way to exfiltrate data and send commands to infected machines.

DNS, Ransomware

SVCReady Malware Emerges in Phishing Campaigns

A newly discovered malware loader is under active development and is executed via shellcode stored in a Word document.

Malware

Hydra Market Takedown Has Had Lasting Effects

The takedown of the infamous Hydra market has had lasting effects on the cybercrime underground and cryptocurrency laundering ecosystem.

Rsa2022, Cryptocurrency

Law Enforcement Seizes Cybercriminal Marketplace That Sold PII

The DoJ announced the takedown of the SSNDOB marketplace, which is a series of websites used for years to sell personal information of 24 million U.S. citizens.

Dark Web

Russian Government, Cybercriminal Cooperation a ‘Force Multiplier’

The Russian government's tolerance and sometime cooperation with the cybercriime groups in the country makes the threat from both factions even more serious, US officials say.

Russia, Rsa2022

Lawmakers Release Federal Data Privacy Draft Bill

The draft bill looks at several key issues related to data privacy in the U.S., including data collection and sharing policies, opt-out practices and more.

Data Privacy

Decipher Podcast: Source Code 6/3

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Source Code, Podcast