SEARCH
All Articles
Ivanti Discloses New Flaw in Policy Secure, Connect Secure VPN
A new vulnerability has been disclosed in certain versions of Ivanti’s Connect Secure VPN and Ivanti Policy Secure appliances.
Fortinet Warns of Zero Day in FortiOS
Fortinet is urging customers to patch an actively exploited flaw (CVE-2024-21762) in many versions of its FortiOS software.
Q&A: Gary McGraw
Software security pioneer and AI expert Gary McGraw talks to Dennis Fisher about the risks of black box LLMs in AI and the need for regulation.
Ransomware Payments Hit $1.1B Record in 2023
With ransomware payments hitting an all-time high in 2023, CISOs “need to concentrate on making their organizations a hard target.”
Experts Urge Tighter Focus on Critical Infrastructure Security
ICS and operational technology experts told Congress Tuesday that adversaries' focus on critical infrastructure attacks requires a better focus on the security of these networks by defenders and regulators.
Decipher Podcast: Gary McGraw on AI Security
Software security and AI security expert Gary McGraw joins Dennis Fisher to discuss the findings of a new AI architectural risk analysis research paper that his Berryville Institute of Machine Learning did on LLMs, the risks of black box models, and what kind of regulation would be most effective at reducing those risks.
U.S. Cracks Down on Spyware With Visa Restriction Policy
The U.S. will impose visa restrictions on individuals that use or financially benefit from commercial spyware in a "novel and creative measure."
Decipher Podcast: Source Code 2/2
Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.
CISA: Federal Agencies Must Disconnect Vulnerable Ivanti Appliances
Federal agencies must disconnect Ivanti Connect Secure and Policy Secure appliances - which have actively exploited vulnerabilities in them - from agency networks within the next 48 hours.
Executives Navigate Operational Technology Security Challenges
While boards of directors and C-Suite executives are better understanding the value of operational technology security, challenges remain in the complexity of these systems and potential impact should threat actors attack them.
Ivanti Rolls Out Patches For Exploited Connect Secure Flaws
Ivanti has rolled out its first round of patches for two existing - and two newly discovered - vulnerabilities in its Ivanti Connect Secure VPN and Ivanti Policy Secure appliances.
U.S. Leaders Warn of Chinese Attacks on Critical Infrastructure
The Department of Justice has disrupted an attack campaign by Chinese state-sponsored attackers on U.S. critical infrastrucutre and says that country's targeting of civilian resources is a "low blow".
Decipher Podcast: Kevin Tian and Rahul Madduluri
Kevin Tian and Rahhul Madduluri, co-founders of Doppel, join Dennis Fisher to discuss the emerging threats of AI-enabled phishing and brand impersonation and how AI can also be used to detect and stop these attacks.
White House Implements AI Safety Reporting Mandate
Under the now-live White House executive order requirement, developers of the “most powerful AI systems” to report “vital information” related to cybersecurity measures, training plans and more.
‘Radical Transparency’ Needed For Tackling Identity Challenges
“One of the biggest challenges that we face in this space… is to say, ‘how are we doing?’” said CISA's Eric Goldstein, speaking at the Identity, Authentication and the Road Ahead event on Thursday.