Security news that informs and inspires

All Articles

2376 articles:

Emotet Shifts Gears, Drops Cobalt Strike Directly

New versions of Emotet have been dropping Cobalt Strike beacons directly, rather than relying on intermediate payloads such as Trickbot.

Emotet, Trickbot

Phishing Attacks Abuse Microsoft OAuth Implementations

Starting in February 2020, attackers have leveraged weaknesses that occur “by design” in OAuth 2.0 implementations from Microsoft and GitHub.

Oauth, Oauth Phishing, Microsoft

Decipher Podcast: Wade Baker and Ben Edwards

Wade Baker and Ben Edwards of the Cyentia Institute join Dennis Fisher to discuss the process of designing and interpreting the data from the Cisco Security Outcomes study, what surprised them from the data, and how organizations can use the study.

Podcast, Data Science

Mirai-Based Botnet Infects Vulnerable Surveillance Cameras

The Moobot botnet has been infecting popular surveillance cameras and using them in distributed denial-of-service (DDoS) attacks.

Botnet, Mirai

Google Disrupts Massive Glupteba Botnet

Google has taken down servers associated with the huge Glupteba botnet and also sued two alleged operators of the network.

Google, Botnet

Microsoft Seizes Sites From Chinese APT Group

Microsoft has disrupted "a key piece of infrastructure" used by the China-based threat group known as Nickel or APT15.

Microsoft, Cybercrime

New Guidance Pushes Federal Agencies Toward Automated Incident Reporting

New guidance from the White House requires CISA to develop policies for federal agencies to move toward automated security incident reporting.

CISA, Government

Cloud Service Provider Compromises Use CeeLoader Malware

Researchers have linked a malware loader, called CeeLoader, to the threat group behind the SolarWinds supply-chain attack.

Solarwinds, Malware

Decipher Podcast: Source Code 12/3

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Podcast, Source Code

APT Groups Exploiting Critical Flaw in ManageEngine ServiceDesk Plus

CISA and the FBI are warning that APT groups are exploiting a critical flaw (CVE-2021-44077) in the ManageEngine ServiceDesk Plus tool.

CISA

TSA Issues Security Rules For Rail Operators

Several new Security Directives, released by the TSA, aim to improve the security postures of rail and aviation entities.

Government Agencies, Government Security, Transportation

Malicious Chrome Extension, Backdoor Uncovered in Malware Campaign

A threat actor has been deploying web browser credential stealers, an undocumented backdoor and new Google Chrome malicious extension in an ongoing campaign.

Malware, Chrome Extensions, Google Chrome, Backdoors

Mozilla Fixes Critical Flaw in NSS Crypto Library

Mozilla has fixed a critical buffer overflow in its NSS cryptographic library that had been lurking in the code for several years.

Mozilla

APTs Leverage New RTF Phishing Tactic

Three APTs have been observed using RTF template injection, and researchers warn more threat groups may adopt the new tactic.

Phishing, Malware, Email

SIM Hijacking Attack Lands Hacking Group Member in Jail

The sentencing comes as the FCC grapples with how it can better safeguard consumers against SIM hijacking attempts.

Hacking, Government, Mobile Security