Zeljka Zorz
Web-based DNA sequencers getting compromised through old, unpatched flaw
Unknown attackers are trying to exploit a vulnerability in dnaLIMS, a Web based bioinformatics laboratory information management system, to implant a bind shell into the …
Linux servers under attack via latest Exim flaw
It didn’t take long for attackers to start exploiting the recently revealed Exim vulnerability (CVE-2019-10149). Active campaigns One security enthusiast detected …
Vulnerabilities allow attackers to take over infusion pumps
Two vulnerabilities in Windows CE-powered Alaris Gateway Workstations (AWGs), which provide support for widely used infusion pumps, could allow remote attackers to disable the …
Ransomware disrupts worldwide production for Belgian aircraft parts maker
ASCO Industries, a manufacturer of aerospace components with headquarters in Zaventem, Belgium, has been hit with ransomware, which ended up disrupting its production around …
GDPR implementation lessons can help with CCPA compliance
The ever increasing number of data breaches has made consumers more aware of how their data is being used and has emphasized the importance of keeping personal data private, …
Researchers devise RAMBleed attack to grab secret data from memory
Researchers have demonstrated a new variation of the Rowhammer attack: dubbed RAMBleed, it may allow attackers to read data stored inside the computer’s physical memory. …
June 2019 Patch Tuesday: A little something for everybody
For June 2019 Patch Tuesday, Microsoft has fixed a whooping 88 CVE-numbered vulnerabilities, Adobe has plugged many critical security holes in ColdFusion and Flash Player, and …
US border agency contractor breached, license plate and travelers’ photos stolen
US Customs and Border Protection (CBP) announced that a hacker may have stolen sensitive data collected by the agency from a subcontractor’s network. “On May 31, …
How human bias impacts cybersecurity decision making
The human brain is a fantastic machine, but we’re all subject to cognitive bias and reasoning errors – and cybersecurity pros are no exception. In a newly released …
Malware peddlers hit Office users with old but reliable exploit
Emails delivering RTF files equipped with an exploit that requires no user interaction (except for opening the booby-trapped file) are hitting European users’ inboxes, …
Two-thirds of iOS apps don’t use App Transport Security
Most iOS apps don’t take advantage of App Transport Security (ATS), a networking security feature offered by Apple that ensures encrypted connections between apps and …
Critical Exim flaw exploitable locally and remotely, patch ASAP!
A critical vulnerability in Exim, the mail transfer agent (MTA) deployed on over half of all Internet-facing mail servers, may allow attackers to run commands as the …
Featured news
Sponsored
Don't miss
- Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419)
- Fighting AI-powered synthetic ID fraud with AI
- Laying the groundwork for zero trust in the military
- Grype: Open-source vulnerability scanner for container images, filesystems
- Signatures should become cloud security history