Security news that informs and inspires

All Articles

2376 articles:

New Law Aims to Revamp Federal Cybercrime Tracking

The Better Cybercrime Metrics Act aims to help streamline the consistent reporting of cybercrime incidents.

Government, Fbi

Decipher Podcast: Source Code 5/6

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Podcast, Source Code

New Malware Framework Distributed Via Pay-Per-Install Service

The malware framework contains a loader, dropper and a remote access trojan with its own network communication protocol.

Malware

GitHub to Require 2FA for All Users

GitHub will require 2FA for all users who contribute code on the platform by the end of 2023.

Github, 2fa

Decipher Podcast: Jonathan Reiber

Lindsey O'Donnell-Welch speaks with Jonathan Reiber, vice president, Cybersecurity Strategy and Policy at AttackIQ.

Podcast

Threat Actor Increases Dwell Time By Targeting Opaque Devices

A newly discovered suspected espionage threat actor is targeting companies that focus on corporate development, mergers and acquisitions and large corporate transactions.

Apt

Curl Flaw Could Allow Authentication Bypass

Several versions of curl and the curl library contain a pair of security flaws.

Vulnerability

Man Convicted in Phishing Scam That Cost U.S. DoD $23.5M

A $23.5 million phishing scheme was carried out in 2018 that impacted the U.S. Department of Defense.

Phishing

Breaking Down the CISA Budget Proposal: Critical Infrastructure, Federal Security Investments

Overall, the proposed fiscal year 2023 budget represents an 18 percent increase over the requested budget for fiscal year 2022, reflecting a "significantly increased investment" in CISA.

CISA, Government Agencies

Decipher Podcast: Source Code 4/29

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Podcast, Source Code

New Bumblebee Malware Loader in Active Development

Researchers speculate that the emerging loader is a replacement for the BazaLoader malware.

Malware

Behind the Rapidly Shifting Ransomware Ecosystem

Many of the top ransomware groups in 2021 have disappeared, while several new groups have emerged with high levels of activity.

Ransomware

ProxyShell, Log4J Among Most Commonly Exploited Bugs in 2021

The ProxyShell, Log4J, and Zerologon bugs were among the most commonly exploited ones in 2021, according to a new advisory from the NSA and other agencies.

NSA, Proxyshell

Decipher Podcast: Don Smith

Don Smith of the Secureworks CTU joins Dennis Fisher to discuss the effects of the Conti leaks, the ransomware landscape, and how law enforcement and researchers are countering attackers' ploys.

Podcast, Ransomwa

APT Groups Exploit Known VMware RCE Flaw

Sophisticated threat groups started closing in on the VMware remote code execution flaw a week after a patch was deployed.

Vmware, Flaw