Security news that informs and inspires

SEARCH

All Articles

Browse by Category:
Duo Labs Industry Events Industry News passwords Product & Engineering
Browse by Tag:
Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware
2349 articles:

Mozilla, Google Crack Down on Malicious Browser Extensions

Google and Mozilla over the past few weeks have taken steps to remove problematic extensions and add-ons that steal user data and execute remote code.

Browser Security

New CacheOut Attack Impacts Latest Intel Chips

Researchers have identified yet another speculative execution attack method against Intel processors.

Hardware, Intel, Spectre

Better Privacy Through Collaboration

Improving online privacy for users will require a mix of technical, legislative, and regulatory approaches.

Privacy

Interpol Arrests Possible Magecart Attackers in Indonesia

Three people arrested in Indonesia for using web skimmers to steal payment card details from websites may be linked to one of the groups operating under the Magecart umbrella.

Magecart, Cybercrime

Experts Worry Crypto War Two May Go the Other Way

If the US government moves to weaken strong encryption, it could have severe consequences for users around the world, experts say.

Encryption, Privacy

Citrix Releases Patches for ADC Flaw

Citrix has released patches for the CVE-2019-19781 vulnerability in its ADC and Gateway appliances.

Citrix

Emotet Sets Sights on Military and Government Targets

A recent Emotet malware campaign is homing in on victims in the military and government sectors.

Emotet, Malware

Senators Propose Cybersecurity Coordinators for Every State

A bipartisan group of Senators are interested in establishing a cybersecurity leader for each state in order to increase the states' abilities to respond to cyberattacks.

Government, Incident Response, Ransomware, Legislation

New Tool Detects Indicators of Compromise for Citrix Systems

Citrix and FireEye Mandiant have released a scanner that can detect some indicators of compromise related to the CVE-2019-19781 vulnerability.

Citrix

Ransomware Attacks Factory Honeypot

The latest investigation by Trend Micro Research observed multiple instances of fraud and ransomware attacks on networks with industrial control systems. For these organizations, sophisticated malware like Stuxnet and Triton aren't their biggest headaches.

Manufacturing Security, Critical Infrastructure Security

Unpatched IE Vulnerability Under Active Attack

A new Internet Explorer vulnerability (CVE-2020-0674) is being used in targeted attacks and Microsoft does not have a patch available right now.

Microsoft

Decipher Podcast: Kenn White on the Windows Crypto Bug

Kenn White joins Dennis Fisher to discuss the details of the CVE-2020-0601 Windows crypto vulnerability that the NSA disclosed to Microsoft.

Podcast

Kubernetes Launches Bug Bounty

Kubernetes has launched a public bug bounty program with support from Google.

Kubernetes

Citrix ADC Exploits Appear With No Patch Available Yet

Exploits for the CVE-2019-19781 Citrix ADC vulnerability are available on GitHub while patches are still a week away.

Citrix

Microsoft Patches Flaw in Windows Cryptography Component

Microsoft fixed a vulnerability in a cryptography component used by Windows 10 and Windows Server. If exploited, attackers would be able to pass off malicious software as legitimate, thus undermining digital trust.

Patch, Microsoft