Zeljka Zorz
August 2018 Patch Tuesday: Microsoft fixes two actively exploited zero-days
In the August 2018 Patch Tuesday, Microsoft has plugged over 60 vulnerabilities, two of which are being actively exploited in the wild. In addition to those, the company has …
New Office 365 phishing attack uses malicious links in SharePoint documents
Fake emails targeting Office 365 users via malicious links inserted into SharePoint documents are the latest trick phishers employ to bypass the platform’s built-in …
Microsoft ADFS flaw allows attackers to bypass MFA safeguards
A vulnerability (CVE-2018-8340) in Microsoft Active Directory Federation Services (ADFS) allows a second authentication factor for one account to be used for all other …
Turning off Location History doesn’t prevent Google from knowing your location
If you believe that by turning off Location History on your Android device or iPhone means that Google won’t be able to know your location, think again: Princeton …
Vulnerabilities in smart card drivers open systems to attackers
Security researcher Eric Sesterhenn of X41 D-SEC GmbH has unearthed a number of vulnerabilities in several smart card drivers, some of which can allow attackers to log into …
Critical vulnerability in Oracle Database, patch without delay!
Oracle is urging users to patch their Oracle Database installations to plug a critical security issue that can result in complete compromise of the Oracle Database and shell …
Criminals can compromise company networks by sending malicious faxes
Check Point has revealed details about the two critical remote code execution vulnerabilities (CVE-2018-5924, CVE-2018-5925) it discovered in the communication protocols used …
Social Mapper: A free tool for automated discovery of targets’ social media accounts
Trustwave has released Social Mapper, an open source tool that automates the process of discovering individuals’ social media accounts. How Social Mapper works The tool …
IoT malware found hitting airplanes’ SATCOM systems
In 2014, IOActive researchers revealed security vulnerabilities they found in the most widely deployed satellite communications terminals and presented potential scenarios …
Smart cities are exposed to old-school threats
Spurred by the false alarm that made Hawaii residents fear for their lives earlier this year, IBM X-Force Red and Threatcare researchers have decided to test several smart …
Which SD-WAN product should enterprises choose?
Adoption of Software Defined Wide Area Network (SD-WAN) has reached an inflection point and nearly every distributed business is deploying, evaluating, or planning to …
Should we add bugs to software to put off attackers?
A group of New York University researchers are testing a new approach to software security: adding more bugs to it instead of removing them. The idea is to “drown …