Zeljka Zorz

Cisco botched patches for its RV320/RV325 routers
Cisco RV320 and RV325 WAN VPN routers are still vulnerable to attack through two flaws that Cisco had supposedly patched. #Cisco Small Business Routers still vulnerable to …

When it comes to file sharing, the cloud has very few downsides
Organizations storing data and documents they work on in the cloud is a regular occurrence these days. The cloud offers scalability in terms of storage and cloud services …

The ransomware attack cost Norsk Hydro $40 million so far
A little over a week after the beginning of the ransomware attack targeting Norsk Hydro, the company has estimated that the costs it incurred because of it have reached …

ASUS confirms server compromise, releases fixed Live Update tool
ASUS has finally confirmed that its servers were compromised and that its ASUS Live Update tool has been tampered with, as revealed on Monday. “ASUS has also implemented …

Encrypted attacks growing steadily, cybercriminals are increasingly targeting non-standard ports
In 2018, SonicWall recorded the decline of cryptojacking, but more ransomware, highly targeted phishing, web application attacks and encrypted attacks. The company’s …

Apple fixed some interesting bugs in iOS and macOS
In addition to announcing a number of new products and subscription services, Apple has released security updates for iOS, macOS, Safari, tvOS, iTunes, iCloud, and Xcode. The …

How to build an effective vulnerability management program
The concept of vulnerability management has undergone a number of changes in the last few years. It is no longer simply a synonym for vulnerability assessment, but has grown …

Attackers compromised ASUS to deliver backdoored software updates
Unknown attackers have compromised an update server belonging to Taiwanese computer and electronics maker ASUS and used it to push a malicious backdoor on a huge number of …

Norsk Hydro cyber attack: What’s new?
Norwegian aluminum producer Norsk Hydro ASA was hit by ransomware-wielding attackers early this week. The company lost no time in reacting and responding to the attack – …

Attackers are exploiting IMAP to bypass MFA on Office 365, G Suite accounts
Where possible, and especially for important accounts such as Office 365 and G Suite accounts, the prevailing advice for users is to enable two-factor authentication. …

Norsk Hydro cyber attack: What happened?
“Hydro subject to cyber-attack,” warned Oslo-headquartered Norsk Hydro ASA, one of the world’s biggest aluminum producers, on Tuesday. “Hydro has isolated …

Mirai variant picks up new tricks, expands list of targeted devices
Mirai, the infamous malware that turns Linux-based IoT devices into remotely controlled bots, has been updated to target new devices and device types. Among these are LG …
Featured news
Resources
Don't miss
- Why we must go beyond tooling and CVEs to illuminate security blind spots
- Making security and development co-owners of DevSecOps
- Review: Passwork 7.0, self-hosted password manager for business
- What a mature OT security program looks like in practice
- Machine unlearning gets a practical privacy upgrade