Zeljka Zorz

Securing Active Directory accounts against password-based attacks
Traditional password-based security might be headed for extinction, but that moment is still far off. In the meantime, most of us need something to prevent our worst instincts …

Which cybersecurity failures cost companies the most and which defenses have the highest ROI?
Massachusetts Institute of Technology (MIT) scientists have created a cryptographic platform that allows companies to securely share data on cyber attacks they suffered and …

Cisco patches critical, wormable RCE flaw in Cisco Jabber
Cisco has patched four vulnerabilities in its Jabber client for Windows, the most critical of which (CVE-2020-3495) could allow attackers to achieve remote code execution by …

Microsoft builds deepfakes detection tool to combat election disinformation
Microsoft has developed a deepfakes detection tool to help news publishers and political campaigns, as well as technology to help content creators “mark” their …

Tor Project launches program to secure funding for software development
The Tor Project, the research-education nonprofit organization that maintains software for the Tor anonymity network, has announced a membership program to secure funding that …

Apple-notarized malware foils macOS defenses
Shlayer adware creators have found a way to get their malicious payload notarized by Apple, allowing it to bypass anti-malware checks performed by macOS before installing any …

Attackers are exploiting two zero-day flaws in Cisco enterprise-grade routers
A technical support intervention has revealed two zero-day vulnerabilities in the OS running on Cisco enterprise-grade routers that attackers are actively trying to exploit. …

Confirmed: Browsing histories can be used to track users
Browsing histories can be used to compile unique browsing profiles, which can be used to track users, Mozilla researchers have confirmed. There are also many third parties …

The state of GDPR compliance in the mobile app space
Among the rights bestowed upon EU citizens by the General Data Protection Regulation (GDPR) is the right to access their personal data stored by companies (i.e., data …

ATM makers fix flaws allowing illegal cash withdrawals
ATM manufacturers Diebold Nixdorf and NCR have fixed a number of software vulnerabilities that allowed attackers to execute arbitrary code with or without SYSTEM privileges, …

Fileless worm builds cryptomining, backdoor-planting P2P botnet
A fileless worm dubbed FritzFrog has been found roping Linux-based devices – corporate servers, routers and IoT devices – with SSH servers into a P2P botnet whose …

Kali Linux 2020.3 released: A new shell and a Bluetooth Arsenal for NetHunter
Offensive Security has released Kali Linux 2020.3, the latest iteration of the popular open source penetration testing platform. You can download it or upgrade to it. Kali …