Akira ransomware decryption method uses GPUs to brute force keys

Laura FrenchMarch 17, 2025

Source code for the decryption method was published by programmer Yohanes Nugroho.

RESOURCES

PODCASTS

Leadership
Security doesn’t trust AI, but startups are using it to write 95% of their code – ESW #398
Vulnerability Management
Your Cloud is a Mess, and We Explore 5 Reasons Why – Marina Segal – ESW #398
Vulnerability Management
Penetration Tests: useful, pointless, harmful, required, ineffective? – Phillip Wylie – ESW #398
Vulnerability Management
AI Bad, PHP, RDP, SuperBlack, VT, Deepseek, MassJacker, Roblox, Aaran Leyland… – SWN #459
Government Regulations
AI Is Oversharing and Leaking Data – Sounil Yu – PSW #865

FEATURED

Perspectives Spotlight: Expert Insights

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Homepage of Apache website on the display of PC

Vulnerability Management

Apache Tomcat flaw actively exploited; could allow ‘devastating’ RCE

Shaun NicholsMarch 17, 2025

Remote code execution may be achieved on vulnerable servers with a single PUT API request.

3D render laptop with neon glowing envelopes for email marketing concept. Digital communication on computer with electronic message icons for business advertising, online campaign strategy

Microsoft 365 environments exploited in business email attacks

Steve ZurierMarch 17, 2025

The BEC attacks rely on phishing lures that let the bad actors operate entirely within the Microsoft 365 ecosystem.

Credit: Adobe Stock

Microsoft Dragon Copilot: Just what the doctor ordered?

Stephen WeigandMarch 17, 2025

Microsoft’s prescription for doctor burnout and fatigue is an AI assistant.

(Credit: monticellllo – stock.adobe.com)

GitLab fixes critical SSO bypass vulnerabilities in update

Shaun NicholsMarch 14, 2025

The signature verification for the SSO system could be bypassed by using a specially crafted XML input.

(Credit: MCGORIE – stock.adobe.com)

Application security

Microsoft restores VS Code theme flagged as malicious: We messed up

Laura FrenchMarch 14, 2025

The theme had millions of installations before it was removed in late February.

AI Artificial Intelligence technology for data analysis, research, planning, and work generate. Man uses a laptop and AI assistant dashboard. Technology smart robot AI agents and agentic workflows.

OpenAI’s Operator AI agent can be used in phishing attacks, say researchers

Steve ZurierMarch 14, 2025

Researchers prove how attackers can use the added functionality in AI agents to launch phishing attacks.

New Lockbit-linked ransomware group targets Fortinet vulnerabilities

Laura FrenchMarch 13, 2025

The “SuperBlack” ransomware leverages the LockBit 3.0 builder with a custom encryption tool.

System warning error popup and maintenance showing. Operation system boot-up failure. Cybersecurity technology, system warning on hacked alerts.

Vulnerability Management

‘ClickFix’ campaign targets hospitality firms with phishing attacks

Shaun NicholsMarch 13, 2025

A novel twist on social engineering attacks is causing havoc for hospitality providers

EVENTS