All Articles

Browse by Category:

Browse by Tag:

Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware

2376 articles:

Q&A: Runa Sandvik

Runa Sandvik, who provides consultation services to journalists for cybersecurity, explains the unique challenges that newsrooms face in securing their environments.

Q&a, Privacy

Critical RCE Flaws Impact Medical Devices

Patches are available for three critical-severity remote code execution flaws that affect more than 150 devices, including medical imaging and laboratory products.

Vulnerability, Medical Devices

Decipher Podcast: Runa Sandvik

Runa Sandvik discusses her work helping journalists to secure their devices and how more newsrooms are recognizing the need for better cybersecurity measures.

Podcast

APT41 Compromised Six U.S. State Government Networks

The prolific APT group compromised state government networks by exploiting the Log4j flaw and a vulnerability in an animal health emergency reporting system.

Log4j, China, Government Agencies, State Government

Mozilla Fixes Two Firefox Flaws Under Attack

Two critical Firefox use-after-free zero-day vulnerabilities have been fixed.

Firefox, Mozila, Vulnerability

Serious ‘Dirty Pipe’ Bug Patched in Linux Kernel

A serious kernel bug (CVE-2022-0847) that allows an attacker to write any data to an arbitrary file has been fixed in Linux and Android.

Linux

Trio of Flaws Allows Remote Takeover of Some APC UPS Devices

Three vulnerabilities in some models of APC UPS devices can allow an attacker to upload a malicious firmware image and use the devices for further network attacks.

ICS Security

Decipher Podcast: Source Code 3/4

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Source Code, Podcast

Healthcare Sector Grapples With Legacy Devices, Patching Woes

Healthcare providers, clinics and hospitals face daunting challenges in how they protect against cyberattacks. But security experts are seeing improvement.

Healthcare Security

Lansweeper Fixes Four Bugs in IT Asset Management Platform

Lamsweeper has patched three SQL injection bugs and a cross-site scripting bug in its popular IT asset management platform.

Vulnerabilities

New DDoS Attack Vector Abuses Content Filtering Systems

Attackers abused a 'broken TCP implementation' in middleboxes to launch a 'small number' of DDoS attacks against organizations in recent weeks.

Ddos

NVIDIA Confirms Theft of Employee Credentials

NVIDIA said attackers stole some employee credentials and other proprietary company information that is being leaked online.

Data Breaches

Mike Hanley, CSO of GitHub, recently joined Dennis Fisher on the Decipher podcast to discuss the White House open source security summit in January, the Log4j response, and the challenges of helping millions of developers secure their projects.

Github

China-Linked Group Using New Daxin Backdoor

A China-linked threat actor is using a highly sophisticated backdoor called Daxin that implements its own communication protocol and has been deployed against military and critical infrastructure targets.

Malware

Decipher Podcast: Mike Hanley

Mike Hanley, CSO at GitHub and former VP of security at Duo Security, joins Dennis Fisher to talk about the open source security summit at the White House, the Log4j response, and how the tech industry can support the open source community.

Podcast, Github

SEARCH