Zeljka Zorz
VestaCP users warned about possible server compromise
Unknown attackers have compromised the official distribution of the VestaCP hosting control panel solution to harvest server IPs and admin credentials. That information was …
Vulnerable controllers could allow attackers to manipulate marine diesel engines
Researchers have found several authentication and encryption vulnerabilities in the firmware of marine diesel engine controllers by Norwegian company Auto-Maskin, as well as …
Solving the cloud infrastructure misconfiguration problem
Security incidents involving cloud infrastructure have become a regular occurrence since many organizations began shifting their assets to the cloud. Many of these incidents …
Oracle CPU October 2018: 301 vulnerabilities patched
Oracle has released its Critical Patch Update for October 2018, fixing 301 vulnerabilities across a wide range of its products, including Oracle Database Server, Oracle …
Endpoint security solutions challenged by zero-day and fileless attacks
There is an endpoint protection gap against modern threats, the result of a recent survey by the Ponemon Institute and Barkly have shown. The organizations polled 660 IT and …
2018 US voter records offered for sale on hacking forum
Somebody is selling US voter registration databases on an English-language speaking dark web hacker forum and the offer comes with the promise they will be updated every week, …
Facebook data breach: Victims will not be offered free identity theft protection
Facebook announced that the recent data breach it has suffered is a little less massive than initially thought: “only” 30 million users have been affected. But, …
Hackers steal Pentagon personnel’s PI and credit card data
The U.S. Department of Defense confirmed on Friday that personal information and credit card data of some 30,000 U.S. military and civilian personnel has been compromised in a …
Fake Flash updaters deliver cryptominers AND update Flash
Cryptominers have dethroned ransomware as the top malware threat and cybercriminals are coming up with new ways to keep the mining activity secret from the victims. One of …
PoC exploit for Windows Shell RCE released
Here’s one more reason to hurry with the implementation of the latest Microsoft patches: a PoC exploit for a remote code execution vulnerability that can be exploited …
Researchers link Industroyer to NotPetya
ESET researchers believe they have found evidence that the TeleBots APT was behind the December 2016 attacks against the Ukraine energy sector that resulted in blackouts …
Juniper fixes 30+ vulnerabilities in its routing, switching devices
Juniper Networks has issued fixes for over thirty vulnerabilities affecting its routing, switching and security products running Junos OS. Critical issues fixed CVE-2018-0044 …