Zeljka Zorz
Networking vendors patch against new cryptographic attack
Vulnerable IPSec IKE implementations used in Cisco, Huawei, ZyXel and Clavister networking devices can allow attackers to retrieve session keys and decrypt connections, …
August 2018 Patch Tuesday: Microsoft fixes two actively exploited zero-days
In the August 2018 Patch Tuesday, Microsoft has plugged over 60 vulnerabilities, two of which are being actively exploited in the wild. In addition to those, the company has …
New Office 365 phishing attack uses malicious links in SharePoint documents
Fake emails targeting Office 365 users via malicious links inserted into SharePoint documents are the latest trick phishers employ to bypass the platform’s built-in …
Microsoft ADFS flaw allows attackers to bypass MFA safeguards
A vulnerability (CVE-2018-8340) in Microsoft Active Directory Federation Services (ADFS) allows a second authentication factor for one account to be used for all other …
Turning off Location History doesn’t prevent Google from knowing your location
If you believe that by turning off Location History on your Android device or iPhone means that Google won’t be able to know your location, think again: Princeton …
Vulnerabilities in smart card drivers open systems to attackers
Security researcher Eric Sesterhenn of X41 D-SEC GmbH has unearthed a number of vulnerabilities in several smart card drivers, some of which can allow attackers to log into …
Critical vulnerability in Oracle Database, patch without delay!
Oracle is urging users to patch their Oracle Database installations to plug a critical security issue that can result in complete compromise of the Oracle Database and shell …
Criminals can compromise company networks by sending malicious faxes
Check Point has revealed details about the two critical remote code execution vulnerabilities (CVE-2018-5924, CVE-2018-5925) it discovered in the communication protocols used …
Social Mapper: A free tool for automated discovery of targets’ social media accounts
Trustwave has released Social Mapper, an open source tool that automates the process of discovering individuals’ social media accounts. How Social Mapper works The tool …
IoT malware found hitting airplanes’ SATCOM systems
In 2014, IOActive researchers revealed security vulnerabilities they found in the most widely deployed satellite communications terminals and presented potential scenarios …
Smart cities are exposed to old-school threats
Spurred by the false alarm that made Hawaii residents fear for their lives earlier this year, IBM X-Force Red and Threatcare researchers have decided to test several smart …
Which SD-WAN product should enterprises choose?
Adoption of Software Defined Wide Area Network (SD-WAN) has reached an inflection point and nearly every distributed business is deploying, evaluating, or planning to …
Featured news
Resources
Don't miss
- GitHub CISO on security strategy and collaborating with the open-source community
- Chainsaw: Open-source tool for hunting through Windows forensic artefacts
- Time for a change: Elevating developers’ security skills
- Job-seeking devs targeted with fake CrowdStrike offer via email
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance