SEARCH
All Articles
CISA Details Cloud-Focused Attack Techniques Used by APT29
CISA and some its foreign partner agencies are warning that APT29 is using a variety of techniques to target cloud services and accounts.
Nation-State Threat Actors Hit Change Healthcare
Change Healthcare on Monday continued to work through disruptions to its systems after an attack by nation-state threat actors.
Challenges Remain in Evaluating Ransomware Crackdowns
While law enforcement disruptions certainly have a positive impact, there are deep-rooted difficulties in measuring substantial long-term changes.
Decipher Podcast: Source Code 2/23
Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.
Critical ScreenConnect Flaw Under Active Exploitation
The ConnectWise ScreeConnect authentication vulnerability disclosed this week is now under active exploitation and there is proof-of-concept exploit code available.
Decipher Podcast: Jennifer Leggio Returns
Jennifer Leggio, a longtime security industry executive who has served in many different roles, joins Dennis Fisher to talk about the shift in thinking among those in the security community, technical gatekeeping in security, her new consulting venture Moveable Feast, and finding your niche.
Europol, FBI Announce LockBit Ransomware Crackdown
The breadth of the takedown itself is multifaceted and impacts everything from LockBit’s infrastructure backbone to members’ ability to access cryptocurrency accounts linked to the ransomware group.
Decipher Podcast: LockBit Takedown
Dennis Fisher and Lindsey O'Donnell-Welch discuss the disruption of the LockBit ransomware operation by the FBI, Europol, and UK authorities, what it means for victims, and how it fits into the government's larger strategy to target cybercrime groups.
Decipher Podcast: Source Code 2/16
Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.
U.S. Government Disrupts Botnet Used by Russian GRU Hackers
The operation marks the latest effort by U.S. law enforcement to knock down malicious cyber operations.
APT Exploits Microsoft Zero-Day in Malware Attacks
Microsoft fixed the flaw as part of its regularly scheduled updates on Tuesday.
The Creeping Threat of Security Debt
A new study shows that more than 70 percent of organizations have applications with vulnerabilities that are more than a year old, and nearly 50 percent have critical bugs that old.
U.S. Organizations Targeted in Bumblebee Malware Campaign
The campaign uses a slightly modified attack chain for Bumblebee and marks the return of the malware after a four-month absence from the threat landscape.
QNAP Fixes Pair of Command Injection Flaws
QNAP has patched two command injection flaws in several versions of its QTS and QuTS hero firmware.
Decipher Podcast: Mick Baccio
Mick Baccio, global security advisor at SURGe with Splunk, talks about how his perspectives on cybersecurity have changed over time - from first reading Neuromancer at age nine, to acting as the White House threat intelligence branch chief across multiple administrations.