Zeljka Zorz
Even a cybersecurity firm can fall for a W-2 phishing scam
US Tax Day (April 18) is quickly approaching, and scammers are hard at work to get what they can before the set tax season deadline. The US IRS is warning about last-minute …
Hijacking Windows user sessions with built-in command line tools
Did you know that by using built-in command line tools, any user with system rights and permissions (usually a local administrator) can hijack the session of any logged-in …
300+ Cisco switches affected by critical bug found in Vault 7 data dump
While combing through WikiLeaks’ Vault 7 data dump, Cisco has unearthed a critical vulnerability affecting 300+ of its switches and one gateway that could be exploited …
Unpatched flaw opens Ubiquiti Networks devices to compromise
A critical vulnerability in many of Ubiquiti Networks’ networking devices can be exploited by attackers to take over control of the device and, if that device acts as a …
Fileless attack framework was used in many recent attacks
In the last month or so, a number of security companies spotted attackers targeting a variety of organizations around the world with spear-phishing emails delivering …
Intel is offering up to $30,000 for bugs in its hardware
Intel has become the latest tech company to launch a bug bounty program. Intel bug bounty program: What’s in scope and what is not Intel is looking for bug hunters to …
User info of millions of Wishbone users slurped by hackers
Science Inc., the company behind the popular online poll creation app Wishbone, has suffered a data breach. As a consequence, personal and account information of over 2.2 …
Lip movement: Authentication through biometrics you can change
Choosing a unique, complex and long enough password that will still be easy to remember is a big challenge for most users, and most of them would happily opt for biometric …
Leaked: Personal info on 33+ million employees across the US
Personal and contact information on over 33 million employees of various US-based corporations and federal agencies like the Department of Defense has been leaked. The …
March Patch Tuesday closes record number of vulnerabilities
With no February Patch Tuesday, it was to be expected that Microsoft would fix a huge number of security issues in March. They didn’t disappoint: 139 unique CVEs have …
Online fraudsters’ preferred tools and techniques revealed
A new report by DataVisor Threat Labs has provided unprecedented insight into the behaviors and attack techniques of some of the world’s largest online crime rings, and …
Organizations hit with Petya ransomware with a twist
Various organizations are being targeted by cyber crooks leveraging the infamous Petya ransomware. A modified Petya version inside a Trojan But victims will have a difficult …
Featured news
Resources
Don't miss
- New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344)
- Webinar: Amplifying SIEM with AI-driven NDR for IT/OT convergence
- How CISOs can elevate cybersecurity in boardroom discussions
- A humble proposal: The InfoSec CIA triad should be expanded
- Rsync vulnerabilities allow remote code execution on servers, patch quickly!