Zeljka Zorz
AWDL flaws open Apple users to tracking, MitM, malware planting
Vulnerabilities in Apple Wireless Direct Link (AWDL), the wireless protocol that underpins Apple’s AirPlay and AirDrop services, could allow attackers to track users in …
Capital One breach: Info on 106 million customers compromised, hacker arrested
Capital One, one of the largest banks in the United States by assets, has announced that it has suffered a massive data breach affecting the personal and financial information …
200 million enterprise, industrial, and medical devices affected by RCE flaws in VxWorks RTOS
Armis researchers have discovered 11 vulnerabilities (including 6 critical RCE flaws) in Wind River VxWorks, a real-time operating system used by more than two billion devices …
Cloud adoption and security are not mutually exclusive
As organizations continue to adopt cloud services to achieve their desired business objectives, many don’t realize that the thing that makes cloud computing great – …
Ransomware attack leaves Johannesburg residents without electricity
A ransomware attack aimed at City Power, the electricity provider for Johannesburg (aka Joburg), South Africa, has resulted in some residents temporarily without power. While …
How to improve the hiring and retaining of infosec professionals?
The cybersecurity staffing and skills shortage is a well-known reality and the situation is predicted to get worse in the coming years. There are many problems There are …
Phishers targeting Office 365 admins have a new trick up their sleeve
Phishers targeting Office 365 admins have a new trick up their sleeve: they are checking the credentials entered into the spoofed login page in real-time and, if they are …
Thwart the pressing threat of RDP password attacks
How long does it takes for Internet-facing, RDP-enabled computers to come under attack? In some cases, a few minutes. In most, less than 24 hours. The problem with RDP …
Released: PoC for RCE flaw in Palo Alto Networks firewalls, gateways
Palo Alto Networks has silently patched a critical remote code execution vulnerability in its enterprise GlobalProtect SSL VPN, which runs on Palo Alto Networks’ …
Google increases bounties for Chrome, Google Play bugs
Bug hunters searching for security flaws in Google’s offerings are now vying for higher bounties. Microsoft has launched a new bug bounty program. Google’s changes …
Healthcare’s blind spot: Unmanaged IoT and medical devices
From imaging to monitoring systems, infusion pumps to therapeutic lasers and life support machines, medical devices are used to improve and streamline patient care. Many of …
4 years after data breach, Slack resets 100,000 users’ passwords
Roughly 100,000 Slack users are getting their password reset and will have to choose a new one. The reason? During the data breach the company suffered in 2015, the attackers …