Zeljka Zorz
Cisco fixes root privilege, command injection vulnerabilities in Cisco SD-WAN solution
Cisco has fixed five security vulnerabilities in its Software-Defined WAN (SD-WAN) Solution, two of which could allow an authenticated, local attacker to either gain root …
Google Advanced Protection users get new protections against Android malware
Google has announced the rollout of two new non-negotiable security features for Android users who have also enrolled in the company’s Advanced Protection Program (APP). …
A week after Patch Tuesday, Adobe drops security fixes for six offerings
Adobe failed to release security updates on March 2020 Patch Tuesday, but has pushed them out this Tuesday, for Acrobat and Reader, Photoshop, ColdFusion, Experience Manager, …
Trend Micro fixes two actively exploited zero-days in enterprise products
Trend Micro has fixed two actively exploited zero-day vulnerabilities in its Apex One and OfficeScan XG enterprise security products, and advises customers to update to the …
Healthcare cybersecurity in the time of coronavirus
Brno University Hospital, in Brno, Czech Republic, which is one of the country’s Covid-19 testing centers, has recently been hit by a cyberattack. The nature of the …
How to avoid a costly enterprise ransomware infection
In most cases of human-operated ransomware attacks against enterprises, the hackers don’t trigger the malware immediately: according to FireEye researchers, in most …
Fake Covid-19 tracker app delivers ransomware, disinformation abounds
As Covid-19 spreads across the globe and countries do their best to slow down the infection rate, cybercriminals’ onslaught against worried users is getting more intense …
Number of open source vulnerabilities surged in 2019
The number of disclosed open source software vulnerabilities in 2019 reached over 6000, up from just over 4,000 in 2018, a new WhiteSource report says. “This can be …
Microsoft releases patch for leaked SMBv3 RCE flaw
After the inadvertent leaking of details about a wormable Windows SMBv3 RCE flaw (CVE-2020-0796) on Tuesday, Microsoft has rushed to release a patch (i.e., security updates). …
Wormable Windows SMBv3 RCE flaw leaked, but not patched
Yesterday, when Microsoft released its regular Patch Tuesday fixes, Cisco Talos and Fortinet inadvertently(?) also published information about CVE-2020-0796, a …
March 2020 Patch Tuesday: Microsoft fixes 115 vulnerabilities, Adobe none
It’s March 2020 Patch Tuesday and Microsoft has dropped fixes for 115 CVE-numbered flaws: 26 are critical, 88 important, and one of moderate severity. The good news is …
Hackers are getting hacked via trojanized hacking tools
Someone has been trojanizing a wide variety of hacking tools to compromise the machines of hackers who want to use the tools for free, Cybereason researcher Amit Serper has …