Security news that informs and inspires

All Articles

2349 articles:

Digging Into FIN7’s Latest Tools and Tactics

FIN7 is a highly active and capable cybercrime group, also known as Carbanak, that has been evolving and using its own tools such as AvNeutralizer for many years. SentinelOne researcher Antonio Cocomazzi helps us dig into the group's tactics and tools.

FIN7, Cybercrime

After AT&T Breach, Senators Demand Answers

Members of the U.S. Senate Subcommittee on Privacy, Technology and the Law asked AT&T’s CEO “about how AT&T failed to protect such profoundly sensitive information from cybercriminals.”

Breach

Decipher Podcast: George Barnes

Former NSA Deputy Director George Barnes joins Dennis Fisher to talk about his 35-year career at the agency, how he came to be intrigued by the cybersecurity world, the emergence of Cyber Command as a force inside the government, and what he sees as the priorities for defenders now.

Podcast, NSA

Rite Aid Breach Stemmed From Compromised Credentials

The attack started on June 6 when a threat actor impersonated a company employee in order to compromise their business credentials.

Data Breach

Critical Apache HugeGraph Flaw Under Attack

Exploit attempts peaked between June 29 and July 6, when researchers said they saw “several thousands on some days.”

Exploit

Microsoft Spoofing Flaw Exploited in Infostealer Attacks

More details have emerged about attacks leveraging the Microsoft flaw that was disclosed and patched last week.

Exploit

New Version of BeaverTail macOS Malware Identified

A new, native macOS version of the BeaverTail malware used by North Korean state-sponsored attackers has been identified by researchers.

Malware, North Korea

AT&T: Threat Actors Compromised ‘Nearly All’ Customer Phone, Text Records

AT&T said threat actors had accessed an AT&T workspace on a third-party cloud platform and were able to exfiltrate customer call and text records.

Data Breach

SSH-Snake Tool Used in Data Exfiltration Attacks

A new threat actor is finding success in relying on open-source software (OSS) security tools and a network mapping tool called SSH-Snake in its campaigns.

Open Source

Citrix Warns of Critical NetScaler Console Flaw

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Citrix are urging users and administrators to apply updates for the flaw.

Citrix

US, Australian Governments: APT40 Poses Ongoing Threat

APT40 has jumped on these flaws within days or even hours of public release, warned a new advisory by CISA, the Australian government and others.

APT40

How to Unearth Ransomware, Infostealer Trends From Malicious Domain Data

Ben Nahorney, threat intelligence analyst with Cisco, talks about how his team digs into malicious DNS activity to unearth new insights about how threat actors are using infostealers, ransomware and trojans.

Video

New OpenSSH CVE-2024-6409 Flaw Emerges

A week after the disclosure of the regreSSHion CVE-2024-6387 flaw in OpenSSH, researchers have found a related flaw (CVE-2024-6409) in some recent versions of the library.

OpenSSH

Decipher Podcast: Chris Hughes

Chris Hughes, co-founder of Aquia and a Cyber Innovation Fellow at the Cybersecurity and Infrastructure Security Agency, joins Dennis Fisher to talk about the challenges of supply chain security, working with the government to address systemic issues, and the importance of collaboration.

Podcast, Government, CISA

New Eldorado Ransomware Hits Windows, Linux Systems

Researchers have discovered the Eldorado group, which they said has developed and deployed a “highly effective” ransomware builder used to target both Windows and Linux systems.

Ransomware