Zeljka Zorz
Siemens LOGO!, a PLC for small automation projects, open to attack
LOGO!, a programmable logic controller (PLC) manufactured by Siemens, sports three vulnerabilities that could allow remote attackers to reconfigure the device, access project …
Attackers are exploiting WordPress plugin flaw to inject malicious scripts
Attackers are leveraging an easily exploitable bug in the popular WP Live Chat Support plugin to inject a malicious JavaScript in vulnerable sites, Zscaler warns. The company …
G Suite to get Gmail confidential mode, on by default
Earlier this year, Google introduced Gmail confidential mode for both consumer and G Suite users. While the former were able to use it immediately, the latter depended on …
When it comes to email-based threats, Emotet dominates
Emotet displaced credential stealers, stand-alone downloaders and RATs and became the most prominent threat delivered via email, Proofpoint has shared. According to the …
BlueKeep RDP flaw: Nearly a million Internet-facing systems are vulnerable
Two weeks have passed since Microsoft released security fixes and mitigation advice to defang exploits taking advantage of CVE-2019-0708 (aka BlueKeep), a wormable …
GitHub introduces Dependabot-powered automated security fixes
GitHub, the largest code-hosting site in the world, has announced many new features and changes at the 2019 GitHub Satellite conference that took place last week in Berlin. …
US charges Assange with 17 counts under Espionage Act
The US Department of Justice has hit WikiLeaks founder Julian Assange with 17 charges related to illegally obtaining, receiving and disclosing classified information related …
How mainstream media coverage affects vulnerability management
For better or for worse, mainstream media is increasingly covering particularly dangerous, widespread or otherwise notable security vulnerabilities. The growing coverage has …
Solving the network visibility problem with NaaS
Network visibility is crucial for many things: making sure that the equipment works properly, monitoring and tweaking the network’s performance, and protecting it against …
If you haven’t yet patched the BlueKeep RDP vulnerability, do so now
There is still no public, working exploit code for CVE-2019-0708, a flaw that could allow an unauthenticated remote attacker to execute remote code on a vulnerable target …
How to write an effective data breach notification?
Data breach notifications sent by companies to affected customers are often unclear and not very helpful, University of Michigan researchers have found. The problem(s) The …
Official Tor Browser for Android available on Google Play
The Tor Project has released the first stable version of the Tor Browser for Android. The release is referred to as version 8.5, mainly to prevent confusion: Tor Browser …