Security news that informs and inspires
headshot of Fahmida Y. Rashid with teal overlay

Fahmida Y. Rashid

Contributor

Fahmida brings over a decade of IT security news reporting along with ten years of network administration and software development to Decipher. Every security story has a human face, and her goal is to bring those stories to light. As the senior managing editor of Decipher, she will focus on ways security can impact how people live, work, and play. She enjoys working on stories that speak to those outside the security industry, highlighting the intersection of security and other technology areas. Over the years, she has seen enough to make her overzealous about her personal threat-model, but she doesn’t hold it against anyone for having a more relaxed worldview.

  • fahmida@decipher.sc
  • @FYRashid
  • 3DF6 3FDA FACC 7BC6
352 articles by Fahmida Y. Rashid

Microsoft Mines Events Logs for RDP Brute-Force Attacks

Microsoft looked at Windows Events Log to understand what RDP brute-force attacks looked like in the enterprise, and found that attackers frequently space out the login attempts over several days to avoid detection.

RDP, Malware, Remote Access Attacks

Lawmakers Ask FCC to Do Something About SIM Swapping

Criminals can bypass two-factor authentication and hijack user accounts by simply convincing a mobile carrier to swap SIM cards for a phone number. A group of Senators and Representatives are asking the FCC to protect consumers from these kinds of scams.

Government, Mobile Security

MITRE Adds ICS-Specific Techniques to ATT&CK Framework

MITRE adds information about threat groups, malware, and techniques used by adversaries in attacks against industrial control systems in its ATT&CK framework.

Critical Infrastructure Security

Government Officials Warn of Potential Iranian Cyberattacks

The Iranian government has a lot of options to consider in its response after the United States military killed Qassem Soleimani, the chief of Iran’s Quds Force. Government officials in the United States are warning organizations that cyberattacks are possible, and to step up monitoring.

Government

CISA Seeks Comments on How Government Should Handle Vulnerability Reports

There is still time for security professionals in and out of government to weigh in on CISA's soon-to-be-released directive on how federal agencies should handle vulnerability reports.

Government, Vulnerability Disclosure