Zeljka Zorz
Mozilla patches actively exploited Firefox zero-day
Mozilla has patched a Firefox zero-day vulnerability (CVE-2019-17026) that is being exploited in attacks in the wild and is urging Firefox and Firefox ESR users to update …
App on Google Play exploited Android bug to deliver spyware
Google has pulled three malicious apps from Google Play, one of which exploits a recently patched kernel privilege escalation bug in Android (CVE-2019-2215) to install the app …
Travelex extorted by ransomware gang, services still offline a week after the hit
On the last day of 2019, foreign exchange company Travelex was hit by cyber attackers wielding the Sodinokibi (aka REvil) ransomware. More than a week later, the …
Cisco Data Center Network Manager flaws fixed, Cisco ASA appliances under attack
Cisco has fixed 12 vulnerabilities in Cisco Data Center Network Manager (DCNM), a platform for managing Cisco switches and fabric extenders that run NX-OS, and has warned …
What are CISOs’ most pressing cybersecurity challenges?
CISOs are increasingly preoccupied with digital transformation, migration to cloud environments, and data governance, a recent YL Ventures survey has shown. The Israeli …
Know your enemy: Mapping adversary infrastructure quickly and accurately
Group-IB is a known quantity in the information security arena: in the sixteen years since its inception, the company – now headquartered in Singapore – has …
Data collection balancing act: Privacy, trust and consumer convenience
With the advent of laws like the EU’s GDPR and California’s CCPA, which are sure to be portents of things to come (i.e., more and better data privacy legislation), …
How Google applies Europe’s Right to Be Forgotten
Five years ago, after a landmark ruling of the Court of Justice of the European Union, Google began receiving, evaluating and acting upon requests to delist certain URLs …
Windows 7 is reaching end-of-extended-support, what to do?
Windows 7, released in October 2009, was one of Microsoft’s big successes. Ten years later and despite its end-of-extended-support deadline being imminent (January 14, …
Unpatchable KeyWe smart lock can be easily picked
A design flaw in the KeyWe smart lock (GKW-2000D), which is mostly used for remote-controlled entry to private residences, can be exploited by attackers to gain access to the …
December 2019 Patch Tuesday: Microsoft fixes one actively exploited zero-day
For December 2019 Patch Tuesday, Microsoft and Adobe have released the final scheduled security updates for this year, Intel has fixed Plundervolt, and Google has delivered …
Microsoft demystifies email attack campaigns targeting organizations
Email is attackers’ preferred method for gaining a foothold into organizations. Campaign views, a new type of report available to some Microsoft enterprise customers, …