Ankur Chadda

Dennis Fisher is an award-winning journalist who has been covering information security and privacy since 2000. He is one of the co-founders of Threatpost and previously wrote for TechTarget and eWeek, when magazines were still a thing that existed. Dennis enjoys finding the stories behind the headlines and digging into the motivations and thinking of both defenders and attackers. His work has appeared in The Boston Globe, The Improper Bostonian, Harvard Business School's Working Knowledge, and most of his kids' English papers. Featured Articles Operation Endgame Targets Trickbot, IcedID, Other Botnets in Huge Disruption Europol and other agencies disrupted several major malware families, including IcedID, Bymblebess, Trickbot, and Smokeloader in an operation dubbed Operation Endgame. AI Security 'Is a Software Problem' Securing AI systems and LLMs seems like a daunting task, but experts say the same principles that apply to software security can be applied to securing AI. The Zero Day Piled on Zero Day Edge devices have become the go-to targets for cybercriminals and state actors, and experts say that will continue for the foreseeable future. 1149 articles by Dennis Fisher Critical PHP Flaw CVE-2024-4577 Patched A critical remote code execution bug (CVE-2024-4577) in all versions of PHP on Windows has been patched. The bug also affects all Windows versions of XAMPP. The Challenge of Reporting on Complex Breaches Veteran security journalist and podcaster Ryan Naraine joins the Decipher podcast to discuss the challenges of separating fact from fiction when reporting on complex incidents such as the Snowflake breach. Exploit Attempts Against Check Point CVE-2024-24919 On the Rise Hundreds of separate IP addresses are now trying to exploit the Check Point patch traversal flaw (CVE-2024-24919) that was disclosed last week. Researchers Warn of Potential Abuse of Azure Service Tags Tenable researchers discovered a technique for abusing Azure service tags to bypass firewall rules and Microsoft has issued new guidance for customers. Operation Endgame Targets Trickbot, IcedID, Other Botnets in Huge Disruption Europol and other agencies disrupted several major malware families, including IcedID, Bymblebess, Trickbot, and Smokeloader in an action dubbed Operation Endgame. Previous 1 2 3 4 5 6 7 8 9 ... More

77%

The Daily's Verdict

This author has a mixed reputation for journalistic standards. It is advisable to fact-check, scrutinize for bias, and check for conflicts of interest before relying on the author's reporting.

Bias

90%

Examples:

  • Red Hat said on Friday released an

Conflicts of Interest

75%

Examples:

  • The article mentions CVE-2024-3094, but it's possible that it does not exist or has been fixed already.
  • The article states that Red Hat released an

Contradictions

85%

Examples:

  • Updated versions of PHP 8.3, 8.2, and 8.1 were released on June 6.
  • XAMPP has not released an update for this flaw yet.

Deceptions

62%

Examples:

  • The article mentions CVE-2024-3094, but it's possible that it does not exist or has been fixed already.
  • The article states that Red Hat released an

Recent Articles

Critical PHP Vulnerability (CVE-2024-4577) Allows Unauthenticated Code Execution on Windows Systems

Critical PHP Vulnerability (CVE-2024-4577) Allows Unauthenticated Code Execution on Windows Systems

Broke On: Saturday, 08 June 2024 A critical vulnerability, CVE-2024-4577, in PHP affects all Windows systems and allows unauthenticated attackers to take control when PHP is configured for certain interactions or the binary is exposed. Vulnerable are systems running Japanese, traditional Chinese, or simplified Chinese. Attackers can exploit this recurrence of an argument injection bug through CGI mode or exposing the PHP binary in a CGI directory. Affected versions include 8.3 prior to 8.3.8, 8.2 prior to 8.2.20, and 8.1 prior to 8.1.29.
Backdoor Found in Widely Used Linux Utility xz Utils, Breaking Encrypted SSH Connections

Backdoor Found in Widely Used Linux Utility xz Utils, Breaking Encrypted SSH Connections

Broke On: Saturday, 30 March 2024 A backdoor in Linux utility xz Utils has been discovered that breaks encrypted SSH connections. Malicious code was introduced into versions 5.6.0 and 5.6.1 of the compression tool, which is included in most Linux distributions including Red Hat and Debian.