Zeljka Zorz
Cisco fixes security holes in SD-WAN, Webex, Small Business routers
Cisco has fixed a heap of security holes in a variety of its products, including a critical one affecting its SD-WAN Solution. Cisco SD-WAN vulnerabilities The most critical …
Apple delivers security patches, plugs an RCE achievable via FaceTime
Apple has released a new set of updates for its various products, plugging a wide variety of vulnerabilities. WatchOS, tvOS, Safari and iCloud Let’s start with …
Cybercriminals increasingly taking aim at businesses
2018 has been the year when cryptominers first dethroned ransomware as the most prevalent threat due to a meteoric spike in Bitcoin value in late 2017, then slowly trailed off …
0patch releases micropatch for Windows Contacts RCE zero-day
ACROS Security, the creators of 0patch, have released a micropatch for a recently revealed zero-day RCE flaw affecting Windows. About the vulnerability and the micropatch …
Bug in widespread Wi-Fi chipset firmware can lead to zero-click code execution
A vulnerability in the firmware of a Wi-Fi chipset that is widely used in laptops, streaming, gaming and a variety of “smart” devices can be exploited to …
Microsoft launches Azure DevOps bug bounty program
Microsoft has launched yet another bug bounty program and is urging security researchers to look into the security of Azure DevOps, its cloud service for collaborating on code …
Most Facebook users aren’t aware that Facebook tracks their interests
Too many Facebook users aren’t aware that the company uses the information provided by them and their actions on the platform and outside of it to create a list of their …
Mining malware evades agent-based cloud security solutions
Cloud infrastructures are a growing target for threat actors looking to mine cryptocurrency, as their vast computational power allows them to multiply the mining …
773 million records exposed in massive data breach
Someone has compiled a massive collection of email addresses and plain text passwords, apparently from 2000+ hacked databases, and has made the trove freely available for …
Compromised ad company serves Magecart skimming code to hundreds of websites
Security researchers have flagged a new web-based supply chain attack by one of the cybercriminal groups that fall under the Magecart umbrella. The attackers managed to …
Researcher releases PoC for Windows VCF file RCE vulnerability
A vulnerability that exists in the way Windows processes VCard files (.vcf) can be exploited by remote attackers to achieve execute arbitrary code on vulnerable systems, …
BEC scammers add payroll diversion to their repertoire
All the attention the most typical BEC scams have been receiving in the last few years must have affected their effectiveness and forced scammers to come up with new ways for …
Featured news
Resources
Don't miss
- Job-seeking devs targeted with fake CrowdStrike offer via email
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance
- The SBI fake banking app shows that SMS authentication has had its day
- Preventing the next ransomware attack with help from AI
- Banshee Stealer variant targets Russian-speaking macOS users