Zeljka Zorz
Apple fixes 3 zero-day vulnerabilities exploited to compromise iPhones
Apple has released updates for iOS and iPadOS, macOS, watchOS, and Safari to fix three zero-day vulnerabilities (CVE-2023-41992, CVE-2023-41991, CVE-2023-41993) exploited …
Telecom firms hit with novel backdoors disguised as security software
Researchers have unearthed new backdoors leveraged to maintain long-term access in the networks of telecom firms in the Middle East. HTTPSnoop and PipeSnoop – as the two …
Critical Trend Micro vulnerability exploited in the wild (CVE-2023-41179)
Trend Micro has fixed a critical zero-day vulnerability (CVE-2023-41179) in several of its endpoint security products for enterprises that has been spotted being exploited in …
Shadow IT: Security policies may be a problem
3 out of 4 workers use personal (and often unmanaged) phones and laptops for work and nearly half of companies let unmanaged devices access protected resources, a recent …
Attackers hit software firm Retool to get to crypto companies and assets
Retool, the company behind the popular development platform for building internal business software, has suffered a breach that allowed attackers to access and take over …
Attackers use fallback ransomware if LockBit gets blocked
Your security solutions might stave off a LockBit infection, but you might still end up with encrypted files: according to Symantec’s threat researchers, some affiliates …
Microsoft Teams phishing: Enterprises targeted by ransomware access broker
A threat actor known for providing ransomware gangs with initial access to enterprise systems has been phishing employees via Microsoft Teams. “For this activity, …
How should SMBs navigate the phishing minefield?
In this Help Net Security interview, Pete Hoff, CISO at Wursta, offers advice to SMB security leaders and professionals on how to minimize the threat phishing presents to …
Microsoft, Adobe fix zero-days exploited by attackers (CVE-2023-26369, CVE-2023-36761, CVE-2023-36802)
September 2023 Patch Tuesday is here, with fixes for actively exploited vulnerabilities in Adobe Acrobat and Reader (CVE-2023-26369), Microsoft Word (CVE-2023-36761), and …
Requests via Facebook Messenger lead to hijacked business accounts
Hijackers of Facebook business accounts are relying on fake business inquiries and threats of page/account suspension to trick targets into downloading password-stealing …
Unpatched Cisco ASA flaw exploited by attackers (CVE-2023-20269)
A vulnerability (CVE-2023-20269) in Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) firewalls is being exploited by attackers to gain access …
Apple patches two zero-days under attack (CVE-2023-41064, CVE-2023-41061)
Apple has patched two zero-day vulnerabilities (CVE-2023-41064, CVE-2023-41061) exploited to deliver NSO Group’s Pegasus spyware. “The exploit chain was capable of …
Featured news
Sponsored
Don't miss
- Black Friday shoppers targeted with thousands of fraudulent online stores
- RomCom hackers chained Firefox and Windows zero-days to deliver backdoor
- How to recognize employment fraud before it becomes a security issue
- Practical strategies to build an inclusive culture in cybersecurity
- Domain security posture of Forbes Global 2000 companies