Zeljka Zorz
Users of Cisco switches, security appliances need to get patching
Administrators of Cisco switches, firewalls, and security appliances are advised to take a look at the latest collection of security advisories published by the company, as …
Google plugs Chrome zero-day exploited in the wild
If you’re using Google’s Chrome browser and have not yet upgraded to the latest available version, do so now or risk being hit by attackers. About CVE-2019-5786 …
NSA unveils Ghidra reverse engineering tool at RSA Conference 2019
The National Security Agency (NSA) has released Ghidra, a free and cross-platform software reverse engineering tool suite used internally by the intelligence agency. They are …
Users are too confident in their protection from threats
Most users care about online privacy and take some steps to make sure their data is protected, a new Malwarebytes survey has revealed. But some protection measures are too …
Chronicle creates Backstory, a cloud service for analyzing enterprises’ security data
Chronicle, the cybersecurity subsidiary of Alphabet (Google’s parent company), has announced Backstory, a cloud platform that can be used by enterprises to sift through …
Traditional cybersecurity staff retention tactics becoming less effective
The recipe for improving your organization’s ability to hire and retain cybersecurity professionals is relatively straightforward (if not easy): offer an attractive pay, …
Bug in Cobalt Strike pentesting tool used to identify malicious servers
An extraneous space in the HTTP responses of webservers run by a variety of malicious actors allowed Fox-IT researchers to identify them pretty easily for the past year and a …
Phishing, software supply chain attacks greatest threats for businesses
Attackers continue to use phishing as a preferred attack method, but have been forced to adapt their approach as anti-phishing tools and techniques are becoming more …
Cisco SOHO wireless VPN firewalls and routers open to attack
Cisco has released security fixes for several models of wireless VPN firewalls and routers, plugging a remote code execution flaw (CVE-2019-1663) that can be triggered via a …
Modern browser APIs can be abused for hijacking device resources
Powerful capabilities of modern browser APIs could be misused by attackers to take control of a site visitor’s browser, add it to their botnet, and use it for a variety of …
PDF viewers, online validation services vulnerable to digital signature spoofing attacks
Academics from Ruhr University Bochum have proven that the majority of popular PDF viewer apps and online digital signature validation services can be tricked into validating …
Latest WinRAR, Drupal flaws under active exploitation
CVE-2018-20250, a WinRAR vulnerability that allows attackers to extract a malicious executable to one of the Windows Startup folder to be executed every time the system is …
Featured news
Sponsored
Don't miss
- Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419)
- Fighting AI-powered synthetic ID fraud with AI
- Laying the groundwork for zero trust in the military
- Grype: Open-source vulnerability scanner for container images, filesystems
- Signatures should become cloud security history