Zeljka Zorz
![certificate](https://img.helpnetsecurity.com/wp-content/uploads/2018/02/09101804/certificate-400x200.jpg)
Researchers release PoC exploit for critical Windows CryptoAPI bug (CVE-2022-34689)
Akamai researchers have published a PoC exploit for a critical vulnerability (CVE-2022-34689) in Windows CryptoAPI, which validates public key certificates. “An attacker …
![Hand](https://img.helpnetsecurity.com/wp-content/uploads/2023/01/26121349/monitor-hand-reach-400x200.jpg)
Attackers use portable executables of remote management software to great effect
Tricking users at targeted organizations into installing legitimate remote monitoring and management (RMM) software has become a familiar pattern employed by financially …
![Riot Games](https://img.helpnetsecurity.com/wp-content/uploads/2023/01/25124149/riot-games-1280-400x200.jpg)
Riot Games breached: How did it happen?
The hackers who breached Riot Games last week are asking for $10 million not to leak the stolen source code for the company’s popular League of Legends online game. The …
![vmware](https://img.helpnetsecurity.com/wp-content/uploads/2022/05/19125355/vmware-1600-hns-400x200.jpg)
Critical VMware vRealize Log Insight flaws patched (CVE-2022-31706, CVE-2022-31704)
VMware has fixed two critical (CVE-2022-31706, CVE-2022-31704) and two important (CVE-2022-31710, CVE-2022-31711) security vulnerabilities in VMware vRealize Log Insight, its …
![key](https://img.helpnetsecurity.com/wp-content/uploads/2019/10/09092913/keys-400x200.jpg)
GoTo now says customers’ backups have also been stolen
GoTo (formerly LogMeIn) has confirmed on Monday that attackers have stolen customers’ encrypted backups from a third-party cloud storage service related to its Central, …
![Apple](https://img.helpnetsecurity.com/wp-content/uploads/2020/02/11151617/apple-orange-400x200.jpg)
Apple delivers belated zero-day patch for iOS v12 (CVE-2022-42856)
Apple has released security updates for macOS, iOS, iPadOS and watchOS, patching – among other things – a type confusion flaw in the WebKit component …
![security awareness](https://img.helpnetsecurity.com/wp-content/uploads/2020/06/18071416/sec-awareness-400x200.jpg)
ENISA gives out toolbox for creating security awareness programs
The European Union Agency for Cybersecurity (ENISA) has made available Awareness Raising in a Box (AR-in-a-BOX), a “do it yourself” toolbox to help organizations …
![git](https://img.helpnetsecurity.com/wp-content/uploads/2023/01/19125253/git-19012023-04-400x200.jpg)
Critical RCE vulnerabilities found in git (CVE-2022-41903, CVE-2022-23251)
A source code audit has revealed two critical vulnerabilities affecting git, the popular distributed version control system for collaborative software development. The latest …
![NetComm NF20MESH](https://img.helpnetsecurity.com/wp-content/uploads/2023/01/18145018/netcomm-nf20mesh-400x200.jpg)
Vulnerable NetComm routers and a public PoC exploit (CVE-2022-4873, CVE-2022-4874)
Two vulnerabilities (CVE-2022-4873, CVE-2022-4874) found in three NetComm router models could be exploited to achieve remote code execution on vulnerable devices, and …
![Google ads](https://img.helpnetsecurity.com/wp-content/uploads/2023/01/18131424/google_ads-18012023-02-400x200.jpg)
Google ads increasingly pointing to malware
The FBI has recently warned the public about search engine ads pushing malware diguised as legitimate software – an old tactic that has lately resulted in too many …
![ManageEngine](https://img.helpnetsecurity.com/wp-content/uploads/2023/01/17133814/manageengine-door-400x200.jpg)
PoC for critical ManageEngine bug to be released, so get patching! (CVE-2022-47966)
If your enterprise is running ManageEngine products that were affected by CVE-2022-47966, check now whether they’ve been updated to a non-vulnerable version because …
![CircleCI](https://img.helpnetsecurity.com/wp-content/uploads/2023/01/16144633/circleci-logo-1280-400x200.jpg)
CircleCI breach post-mortem: Attackers got in by stealing engineer’s session cookie
The attackers who pulled off the recent breach of continuous integration and continuous delivery (CI/CD) platform maker CircleCI got in by compromising an engineer’s …
Featured news
Sponsored
Don't miss
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints