Zeljka Zorz
USB threat vector trends and implications for industrial operators
In an attempt to make industrial control systems less accessible to attackers, industrial players are limiting network access and increasingly using USB media devices to …
Cisco security appliances under attack, still no patch available
A vulnerability (CVE-2018-15454) affecting a slew Cisco security appliances, modules and firewalls is being exploited in the wild to crash and reload the devices, the company …
Apple releases security updates, says new MacBooks will disconnect microphone when lid is closed
Apple unveiled new Macs and iPads on Tuesday and has pushed out security updates for macOS (Mojave, High Sierra, Sierra), iOS, watchOS, tvOS, Safari, iTunes, and iCloud for …
Word documents seemingly carrying videos can deliver malicious code instead
A feature that allows anyone to embed a video directly in a Word document can be easily misused to trick target users into downloading and running malware, Cymulate …
Windows Defender can now run inside a sandbox
Microsoft has made it possible for Windows Defender Antivirus to be run within a sandbox, a restrictive environment that separates the AV’s processes from those of the …
Phishing attacks becoming more targeted, phishers love Microsoft the most
Microsoft remains ensconced on the top of the list of brands impersonated by phishers in North America, Vade Secure has revealed. Phishers’ favorite targets The company …
Serverless botnets could soon become reality
We have been accustomed to think about botnets as a network of compromised machines – personal devices, IoT devices, servers – waiting for their masters’ …
Repairnator bot finds software bugs, successfully submits patches
Can a bot create valid, high-quality fixes for software bugs more rapidly than a human can, and get them accepted by human developers and permanently merged in the code base? …
Safeguarding hybrid-cloud infrastructures through identity privilege management
Most enterprises have embraced the advantages a cloud infrastructure can bring to their computing, storage, network or other needs, and many are juggling multiple cloud …
VestaCP users warned about possible server compromise
Unknown attackers have compromised the official distribution of the VestaCP hosting control panel solution to harvest server IPs and admin credentials. That information was …
Vulnerable controllers could allow attackers to manipulate marine diesel engines
Researchers have found several authentication and encryption vulnerabilities in the firmware of marine diesel engine controllers by Norwegian company Auto-Maskin, as well as …
Solving the cloud infrastructure misconfiguration problem
Security incidents involving cloud infrastructure have become a regular occurrence since many organizations began shifting their assets to the cloud. Many of these incidents …
Featured news
Resources
Don't miss
- State-backed phishing attacks targeting military officials and journalists on Signal
- Poland’s energy control systems were breached through exposed VPN access
- CISA orders US federal agencies to replace unsupported edge devices
- Ransomware attackers are exploiting critical SmarterMail vulnerability (CVE-2026-24423)
- February 2026 Patch Tuesday forecast: Lots of OOB love this month