The Zero Day Initiative cited a decrease in patch quality that is leading to many issued fixes being faulty or incomplete.
Welcome back to Source Code, Decipher’s weekly news wrap podcast with input from our sources.
Bug bounty programs can be invaluable, but without the proper resources in place, they will fail hard.
“There’s a lack of imagination or… anticipation about the next move that hackers will make,” warned investigative journalist Kim Zetter during Black Hat this week.
Former CISA director Chris Krebs said at Black Hat that the community may have focused too much on APT groups in recent years.
At Black Hat USA this week, Cyber Safety Review Board members tasked with looking at key lessons learned from Log4j talked about continued security issues facing the open source community.
The flaw was first reported to Microsoft in 2019, but at the time it said it did not consider the issue to be a vulnerability.
A researcher has released a proof-of-concept exploit for CVE-2022-31656, a critical authentication bypass in VMware ONE Access.
Researchers warn of an uptick in multiple ransomware groups targeting the same vulnerable networks, as seen in a recent attack that involved Hive, LockBit and BlackCat/ALPHV affiliates.
Tornado Cash is the second virtual currency mixer in three months to be sanctioned by the U.S. Treasury Department.
Megan Stifel, the chief strategy officer at the Institute for Security and Technology and co-chair of the Ransomware Task Force, talks about ransomware mitigation measures for organizations at a global scale and for small and medium-sized businesses.
Attackers compromised some customer and employee accounts at Twilio through a text-based phishing campaign.
A new botnet targets weak SSH server credentials, but its limited DDoS capabilities and "curious changes" leave researchers questioning its motivations.
Slack has automatically reset the passwords of a small number of users after discovering a bug in invitation links that sent hashed passwords to other users.
Welcome back to Source Code, Decipher's weekly security news podcast with input from our sources.