Security news that informs and inspires

All Articles

2376 articles:

Privacy Prevails at the Ballot Box

For many voters, Election Day in the United States was about more than just voting for government officials such as the president, lawmakers, judges, and sheriffs. They were also asked to weigh in on referendums, new state laws, and amendments to the state constitution.

Government

Google Discloses Unpatched Windows Flaw Used in Attacks

A Windows kernel bug (CVE-2020-17087) is being used in active targeted attacks alongside a recently fixed Chrome bug.

Microsoft, Google

CISA, Microsoft Warn of Continued Attacks on Zerologon Bug

The Zerologon (CVE-2020-1472) vulnerability is continuing to draw attention from attackers and Microsoft is urging enterprises to patch immediately.

Microsoft

Decipher Podcast: Jeremy Kennelly

Jeremy Kennelly of Mandiant joins Dennis Fisher to discuss the spike in ransomware infections in health care organizations and how ransomware operators are evolving their tactics.

Podcast, Ransomware

UK Regulator Tells Experian to Change Data Processing Practices

The United Kingdom’s Information Commissioner’s Office issued an enforcement notice against Experian last week, ordering the company to make “fundamental changes” to how it handles consumer data.

GDPR, Privacy

If Catching All Attackers Is the Goal, A New Path is Needed

Stairwell, a new startup founded by Google and Chronicle veteran Mike Wiacek, aims to help more organizations stop high-level attackers.

Threat Intelligence, Google

KashmirBlack Botnet Targets Unpatched CMS Software

The KashmirBlack botnet, which exploits multiple flaws in popular content management systems (CMS), is behind millions of attacks per day, including mining for cryptocurrency, redirecting website traffic to spam sites, and defacing websites, Imperva said.

Botnet

U.S. Sanctions Russian Institute for Triton Malware

The Office of Foreign Assets Control announced sanctions against a Russian research institute for deploying the Triton ICS malware.

Government

Energetic Bear Attackers Targeting US Government Agencies

A Russian threat group known as Energetic Bear has compromised some state and local government agencies in recent weeks.

Government, APT

Decipher Podcast: Kurtis Minder

Kurtis Minder, CEO of GroupSense, joins Dennis Fisher to discuss the delicate process of ransomware negotiations and how enterprises are dealing with infections today.

Podcast

Microsoft Continues Dismantling Trickbot

Talk about a whack-a-mole operation. Microsoft tries to disable Trickbot command-and-control servers faster than botnet operators can rebuild new infrastructure.

Botnet

Enterprises Should Fix These 25 Flaws

Enterprise IT staff should prioritize fixing the flaws listed in the Top 25 list of most commonly targeted vulnerabilities released by the United States National Security Agency.

Vulnerability, Patch

Google Patches Bug Used in Active Attacks Against Chrome

Google has fixed a flaw in the FreeType library that attackers are attempting to exploit against Chrome users.

Google

British Airways GDPR Fine Lower Than Expected

Citing the pandemic, the United Kingdom privacy watchdog dramatically reduced the fine against British Airways for its 2018 data breach.

GDPR, Data Breaches

Trickbot Up to Its Old Tricks

Days after a takedown operation, the Trickbot botnet is back up and running with new C2 servers in Europe and South America.

Botnet, Malware