All Articles

Browse by Category:

Browse by Tag:

Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware

2349 articles:

Barracuda ESG Flaw Exploited by ‘Aggressive’ China-Linked Actor

Researchers point to an “aggressive and skilled actor” with suspected links to China as the group behind the attacks on a recently disclosed Barracuda ESG zero day.

Zero Day, Exploit

Microsoft Identifies Distinct Russian GRU Threat Actor

The threat actor behind the WhisperGate malware has been identified as a distinct Russian GRU group.

Russia, Gru

Federal Agencies Now Required to Secure Internet-Exposed Network Devices

The new directive from CISA aims to help federal agencies identify and secure their network devices that are exposed to the public internet.

CISA, Bod

CISA: LockBit Most Active Ransomware Group

The LockBit ransomware group was the most active in the world last year, according to a new advisory, and has collected nearly $100 million in ransoms in three years.

Ransomware, CISA

Cyberespionage Group Targets New VMware Zero Day

A Chinese cyberespionage group known as UNC3886 has been exploiting a new zero day (CVE-2023-20867) in VMware Tools.

Vmware

Fortinet Patches New Critical FortiOS Bug

Fortinet has released new firmware updates to patch a remote code execution vulnerability (CVE-2023-27997) that affects all versions of the FortiGate appliance.

Fortinet

U.S. Nuclear Agency in ‘Early Stages’ of Addressing Security Risks

According to a watchdog report, the National Nuclear Security Administration is still in the "early stages" of fully implementing security measures across its operational technology (OT) and nuclear weapons IT environments.

Nuclear, OT, Operational Technology

Russian Nationals Charged in Mt. Gox Crypto Exchange Hack

The DoJ unsealed the indictment charging two Russian nationals with gaining unauthorized access to the Mt. Gox server in 2011.

Cryptocurrency

Decipher Podcast: Source Code 6/9

Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.

Source Code, Podcast

Barracuda: ESG Appliances With Actively Exploited Flaw Must Be Replaced

After deploying two patches, Barracuda said that businesses impacted by an actively exploited flaw must immediately replace their ESG appliances.

Email, Exploit, Flaw

New BEC Campaign Targets Financial Companies

A newly identified phishing and BEC campaign is targeting banks and financial organizations and began with the compromise of a trusted vendor.

BEC, Phishing

VMware Fixes Critical Network Monitoring Tool Flaws

Several versions of VMware's network monitoring tool have flaws that could enable an attacker with existing network access to remotely execute code.

Vmware

MOVEit Bug Attacks Continue By Cl0p Ransomware Group, Other Actors

The MOVEit Transfer bug that researchers say allows remote code execution, is being exploited by the Cl0p ransomware group and other actors to steal data and deploy ransomware.

Moveit

Google Patches Type Confusion Zero Day in Chrome

The type confusion bug is the third zero day that Google has addressed this year.

Zero Day, Google, Google Chrome

Apple Enables Third-Party Management for Passkeys

In upcoming software releases, Apple will change the way passkeys are managed, allowing third-party apps to sync and share them.

Apple