Security news that informs and inspires

SEARCH

All Articles

Browse by Category:
Duo Labs Industry Events Industry News passwords Product & Engineering
Browse by Tag:
Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware
2376 articles:

Collaboration Seen as Key to Defending Critical Infrastructure

Top officials from NSA and CISA say collaborative defense is the key to countering threats to the critical infrastructure.

Government, Ransomware

Trickbot Expands Malware Distribution Channels

Researchers observed known threat groups infecting victims with TrickBot for the first time in June, suggesting that the malware operators are expanding their distribution channels.

Trickbot, Malware, Banking Malware

Microsoft Fixes Actively Exploited Windows Zero-Day

Microsoft issued a fix for a use-after-free Windows vulnerability that was being leveraged in attacks, as part of its October Patch Tuesday roundup.

Patch Tuesday, Microsoft, Zero Day

Flaw in Crypto Library Causes Revocation of SSH Keys for Git Services

A flaw in the keypair library that caused it to generate weak RSA keys for SSH has caused GitHub and other services to revoke many organizations' keys.

Github, Cryptography

The Art of Extortion: Cybercriminals Build Up Blackmail Tactics

When it comes to cyber extortion, attackers are constantly on the hunt for new ways to put pressure on victims to pay up.

Ransomware, Data Breaches, Extortion

Attackers Tied to Iran Targeting Office 365 in Password Spraying Campaign

A new group with ties to the Iranian government is conducting a password-spraying campaign against Office 365 accounts.

Microsoft, Iran

FIN12 Ransomware Attackers Target Medical Facilities

The FIN12 group is targeting healthcare providers in the U.S. with aggressive cyberattacks that deploy the Ryuk ransomware.

Healthcare Security, Cybercrime, Ransomware

Scanning Activity for Apache Flaw Began Before Public Disclosure

Attackers were scanning for CVE-2021-41773 in the Apache web server several days before the flaw was disclosed publicly.

Apache

BlackTech Espionage Gang Adds to Malware Toolset

Researchers at VB2021 localhost gave an inside look into new malware families that the BlackTech espionage group is now using.

Malware, Apt, Net Exploitation

Behind the Rising Tide of Cybersecurity Legislation

At the 2021 Aspen Cyber Summit this week, lawmakers discussed why cybersecurity legislation is picking up - and challenges in the legislative process.

Government, Cybersecurity, Legislation

Espionage Attacks Against Telecom, Aerospace Firms Reveal Stealthy RAT

A RAT that has stayed under the radar for at least three years was recently uncovered in highly targeted espionage attacks against companies in the telecommunications and aerospace industries.

Malware, Cyber Crime, Dropbox, Remote Access Trojan

U.S. Forms Cryptocurrency Enforcement Team to Disrupt Ransomware Payments

The Department of Justice has formed a new National Cryptocurrency Enforcement Team to help disrupt ransomware payments to cybercriminals.

Ransomware, Governance

Apache Fixes Web Server Path Traversal Flaw Under Active Attack

Apache has released a fix for a path traversal flaw (CVE-2021-41773) that has been exploited in the wild.

Apache

New ESPecter UEFI Bootkit Discovered

Researchers have discovered a new UEFI bootkit called ESPecter that can modify the Windows Boot Manager.

Malware, UEFI

Fear of Pegasus Spyware Used to Spread Sarwent RAT

The fear surrounding the Pegasus spyware tool is being used to lure victims to a fake Amnesty International site that installs the Sarwent RAT.

Malware