Security news that informs and inspires

All Articles

2376 articles:

Microsoft Uncovers ‘Nimbuspwn’ Flaws in Linux Service

Microsoft researchers found a group of vulnerabilities dubbed Nimbuspwn in a Linux service named networkd-dispatcher that can lead to root privileges.

Linux, Microsoft

Emotet ‘Test’ Campaign Leverages OneDrive, XLL Files

A recent Emotet campaign with significant TTP changes reveal that attackers may be moving away from macros-based attacks given Microsoft’s recent plans to block VBA macros by default.

Emotet, Malware

Novel BlackCat Ransomware Tactic Speeds Up Encryption Process

A March 17 BlackCat ransomware incident revealed how the attackers are working to speed up the process of encryption using a new communication protocol.

Ransomware

Okta Ends Investigation Into Lapsus$ Breach

Identity provider Okta has finished the investigation into a January breach by hacking group Lapsus$ at one of its third-party providers and says it affected far fewer customers than initially feared.

Okta

Decipher Podcast: Source Code 4/22

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Source Code, Podcast

Lemon Duck Botnet Targets Exposed Docker APIs

The prolific botnet, which previously targeted vulnerable Microsoft Exchange servers, is now gaining initial access via exposed Docker APIs.

Docker, Cryptomining, Botnet

Chinese Cyber Espionage APTs Refocus Strategy

A recent report shows how a smaller set of Chinese APT actors have emerged in the past few years with 'more focused, professionalized, and sophisticated attacks.'

Apt, China

Java Crypto Bug Allows Forging of Signatures, Certificates

A critical bug in Java's implementation of ECDSA (CVE-2022-21449) can allow an attacker to forge a signature or certificate to deliver virtually any payload.

Java, Oracle

FBI Seeks Further Info on BlackCat Amid Ransomware Attacks

Since its emergence in November, the BlackCat ransomware group has racked up at least 60 victims worldwide.

Ransomware

CISA: Lazarus APT Targeting Blockchain Orgs With TraderTraitor Malware

The Lazarus APT group is targeting cryptocurrency and blockchain organizations with malware called TraderTraitor, warns the U.S. government.

Lazarus

Lenovo Releases Fixes For UEFI Firmware Flaws

Lenovo has released security advisories addressing a trio of flaws that impact dozens of laptop models.

UEFI, Lenovo

Decipher Podcast: Justine Bone

The medical industry is still facing an array of security challenges, but hospitals and healthcare providers are becoming more aware of the risks inherent in their environments.

Podcast, Medical Devices

Attackers Used Stolen OAuth Tokens to Download Private GitHub Repositories

A threat actor used stole OAuth tokens for third-party integrators Heroku and Travis-CI to access and download private GitHub repositories belonging to dozens of companies.

Github

Pegasus Spyware Operations Targeted UK Gov Officials, Catalans in Spain

Citizen Lab researchers disclosed two separate operations where the Pegasus spyware was deployed, including one against official UK government networks and another against 65 Catalan individuals in Spain.

Pegasus, Spyware

U.S. Gov Offers $5M Reward For North Korean Cybercrime Intel

The U.S. government is ramping up its pressure on North Korea-linked malicious cyber activity after a $600 million crypto-heist that was linked recently to the Lazarus Group.

Lazarus, Cryptocurrency