SEARCH
All Articles
Synnovis Ransomware Attack Disrupts Healthcare Services
Synnovis is experiencing a ransomware attack impacting all IT systems and resulting in interruptions to many of the organization’s pathology services across top hospitals in London.
Decipher Podcast: Garrett Yamada
Garrett Yamada, associate director of identity security at Texas A&M University, talks about his experiences navigating identity challenges.
Researchers Warn of Potential Abuse of Azure Service Tags
Tenable researchers discovered a technique for abusing Azure service tags to bypass firewall rules and Microsoft has issued new guidance for customers.
Snowflake: Customer Accounts Targeted in ‘Identity-Based Attacks’
Ticketmaster and others companies are reportedly wrapped up in a series of attacks that target accounts without MFA.
Operation Endgame Targets Trickbot, IcedID, Other Botnets in Huge Disruption
Europol and other agencies disrupted several major malware families, including IcedID, Bymblebess, Trickbot, and Smokeloader in an action dubbed Operation Endgame.
Wyden: SEC, FTC Should Investigate UnitedHealth’s ‘Negligent’ Security Practices
The senator called for investigations into “negligent cybersecurity practices” by UnitedHealth Group after a ransomware attack on its subsidiary Change Healthcare.
Check Point Releases Fix For Zero-Day VPN Flaw
The flaw (CVE-2024-24919) could enable attackers to read certain information on Gateways if they are connected to the Internet and enabled with Remote Access VPN or Mobile Access.
U.S. Sanctions Three Chinese Nationals for Alleged Connection to 911 S5 Botnet
The Office of Foreign Asset Control has sanctioned three Chinese citizens for their alleged operation of the 911 S5 botnet.
Decipher Podcast: Sarah Powazek
Sarah Powazek, the Program Director of Public Interest Cybersecurity at the UC Berkeley Center for Long-Term Cybersecurity, joins Dennis Fisher to talk about her work in setting up Cybersecurity Clinics at high education institutions around the country to help bring knowledge and skills to underserved organizations.
North Korean Threat Actor Deploys New, Custom Ransomware
A new North Korean threat group called Moonstone Sleet relies on trojanized, legitimate software, deploys custom ransomware and creates fake companies to further trick victims in its campaigns.
Backdoor Found in Courtroom Recording Software Installer
Researchers are warning of an apparent supply chain attack via a specific version of JAVS Viewer, audio-visual recording software used for courtrooms.
Google Fixes Another Chrome Zero Day
Google has patched yet another Chrome zero day, this one a type confusion flaw in V8 (CVE-2024-5274).
Privacy, Security Concerns Mount Over Microsoft Recall Feature
Privacy experts are criticizing a new Microsoft screenshot feature called Recall on its recently announced Copilot Plus PCs.
Decipher Podcast: Caitlin Condon on the Attack Intelligence Report
Caitlin Condon of Rapid7 joins Dennis Fisher to dive into the juicy tidbits from the Rapid7 Attack iNtelligence Report, including the rise in attacks on zero days, ransomware proliferation, and why network edge devices remain a major problem.
Intercontinental Exchange Faces $10M Penalty Over Delayed Disclosure
The SEC has hit the owner of the New York Stock Exchange with a $10 million penalty, saying its subsidiaries failed to notify the commission in a timely manner of a cyber intrusion discovered in 2021.