All Articles

Browse by Category:

Browse by Tag:

Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware

2349 articles:

Attacks Based on Credential Theft On The Rise, DBIR Says

In the 13th Data Breach Investigations Report, Verizon researchers found that attackers are relying less on malware and more on stolen or lost credentials to carry out their attacks.

Data Breaches

Supercomputer Sites Still Struggling After Attacks

The attacks that hit numerous academic supercomputing sites have kept the powerful clusters offline for a week.

Supercomputers

Attacks Knock Supercomputing Sites Offline

A series of possibly related incidents has forced supercomputing site ARCHER in the UK and several others in Germany offline in the past few days.

Critical Infrastructure Security

Microsoft’s RDP Patch Isn’t a Complete Fix

Microsoft's February security update fixes the vulnerability that can result in reverse RDP attacks in the built-in Windows RDP client, but third-party RDP clients are still vulnerable, Check Point said.

Microsoft, RDP, Patching

Stuxnet’s Legacy Lives on in New Windows Bug

A vulnerability in the Windows print spooler service patched this week echoes a similar one exploited by the Stuxnet worm 10 years ago.

Microsoft

Lawmakers Ask for Cybersecurity Funding for States

A bipartisan group of Congressional lawmakers are trying to drum up support to include money for states and local governments to modernize their IT infrastructure in the next stimulus package.

Government

US Exposes New North Korean Malware Tools

The U.S. government has published details of three new malware tools it says are in use by North Korean state-sponsored attackers.

Malware

Thunderspy Attack Underscores Existing Thunderbolt Security Issues

The new Thunderspy attack highlights a handful of shortcomings in the security model of the Thunderbolt chip used in many PCs.

Hardware Security

GitHub Expands Scanning to Find Security Flaws in Code

The goal for secure software isn’t to never have vulnerabilities, but to be able to find vulnerabilities as soon as possible so that they can be fixed. GitHub has expanded its code scanning capabilities to make it easier for developers to identify flaws in projects that are managed on its platform.

Open Source, Github, Vulnerability, Appdev

Cisco Fixes Kerberos Authentication Bypass Bug in ASA Software

Cisco has patched a dangerous flaw in its Adaptive Security Appliance Software that could allow an attacker to bypass authentication when Kerberos is enabled.

Vulnerability

Thousands of SaltStack Servers Patched, But Many Still Vulnerable

The number of servers vulnerable to the CVE-2020-11651 SaltStack flaw has dropped considerably, but several thousand are still unpatched.

Cloud

CISA Warnings Highlight Myriad Security Threats

Over the past few days, the Cybersecurity and Infrastructure Security Agency has issued several alerts warning about nation-state actors targeting healthcare and medical research organizations, as well as ways organizations should protect their remote workforce.