Zeljka Zorz
![malware](https://img.helpnetsecurity.com/wp-content/uploads/2024/03/11083747/malware-1500-400x200.webp)
The most prevalent malware behaviors and techniques
An analysis of 100,000+ Windows malware samples has revealed the most prevalent techniques used by malware developers to successfully evade defenses, escalate privileges, …
![NIST NVD](https://img.helpnetsecurity.com/wp-content/uploads/2024/03/19152647/nist-nvd-1500-400x200.webp)
NIST’s NVD has encountered a problem
Whether the cause is insurmountable technical debt, lack of funds, a third reason or all of them, NIST’s National Vulnerability Database (NVD) is struggling, and …
![Fortinet](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/11200538/fortinet-wall-400x200.jpg)
Critical FortiClient EMS vulnerability fixed, (fake?) PoC for sale (CVE-2023-48788)
A recently fixed SQL injection vulnerability (CVE-2023-48788) in Fortinet’s FortiClient Endpoint Management Server (EMS) solution has apparently piqued the interest of …
![arcserve](https://img.helpnetsecurity.com/wp-content/uploads/2023/11/29152921/arcserve-1400-400x200.jpg)
PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800)
Arcserve has fixed critical security vulnerabilities (CVE-2024-0799, CVE-2024-0800) in its Unified Data Protection (UDP) solution that can be chained to upload malicious files …
![lock](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/07115823/locks-red-400x200.jpg)
The effects of law enforcement takedowns on the ransomware landscape
While the results of law enforcement action against ransomware-as-a-service operators Alphv/BlackCat and LockBit are yet to be fully realized, the August 2023 disruption of …
![BSAM](https://img.helpnetsecurity.com/wp-content/uploads/2024/03/12133240/bsam-open-source-400x200.webp)
BSAM: Open-source methodology for Bluetooth security assessment
Many wireless headsets using Bluetooth technology have vulnerabilities that may allow malicious individuals to covertly listen in on private conversations, Tarlogic Security …
![Patch Tuesday](https://img.helpnetsecurity.com/wp-content/uploads/2024/03/12195711/patch_tuesday_2024-400x200.webp)
March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V
On this March 2024 Patch Tuesday, Microsoft has released fixes for 59 CVE-numbered vulnerabilities, but – welcome news! – none of them are currently publicly known …
![Microsoft Russia](https://img.helpnetsecurity.com/wp-content/uploads/2024/03/11125649/microsoft-russia-1500-400x200.webp)
Microsoft: Russian hackers accessed internal systems, code repositories
Midnight Blizzard (aka APT29), a group of Russian hackers tied to the country’s Foreign Intelligence Service (SVR), has leveraged information stolen from Microsoft …
![Cisco](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/12084248/cisco-neon1-400x200.jpg)
Cisco patches Secure Client VPN flaw that could reveal authentication tokens (CVE-2024-20337)
Cisco has fixed two high-severity vulnerabilities affecting its Cisco Secure Client enterprise VPN and endpoint security solution, one of which (CVE-2024-20337) could be …
![industry](https://img.helpnetsecurity.com/wp-content/uploads/2023/11/30161211/industrial-setting2-400x200.jpg)
Web-based PLC malware: A new potential threat to critical infrastructure
A group of researchers from Georgia Tech’s College of Engineering have developed web-based programmable logic controller (PLC) malware able to target most PLCs produced …
![Apple](https://img.helpnetsecurity.com/wp-content/uploads/2023/12/01103727/apple-room-400x200.jpg)
Apple fixes two actively exploited iOS zero-days (CVE-2024-23225, CVE-2024-23296)
Apple has fixed two iOS zero-day vulnerabilities (CVE-2024-23225, CVE-2024-23296) exploited by attackers in the wild. CVE-2024-23225 and CVE-2024-23296 On Tuesday, Apple …
![email](https://img.helpnetsecurity.com/wp-content/uploads/2023/11/29115745/email-attack-400x200.jpg)
Hundreds of orgs targeted with emails aimed at stealing NTLM authentication hashes
A threat actor specializing in establishing initial access to target organizations’ computer systems and networks is using booby-trapped email attachments to steal …
Featured news
Sponsored
Don't miss
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)
- Risk related to non-human identities: Believe the hype, reject the FUD