Zeljka Zorz
State-sponsored hackers know enterprise VPN appliances inside out
Suspected Chinese state-sponsored hackers leveraging Ivanti Connect Secure VPN flaws to breach a variety of organizations have demonstrated “a nuanced understanding of …
White House: Use memory-safe programming languages to protect the nation
The White House is asking the technical community to switch to using memory-safe programming languages – such as Rust, Python, Swift, C#, Java, and Go – to prevent …
Meta plans to prevent disinformation and AI-generated content from influencing voters
Meta, the company that owns some of the biggest social networks in use today, has explained how it means to tackle disinformation related to the upcoming EU Parliament …
LockBit leak site is back online
LockBitSupp, the individual running the LockBit ransomware-as-a-service operation, has made good on one promise: the LockBit leak site is back online on backup domains, with …
ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708)
The recently patched vulnerabilities (CVE-2024-1709, CVE-2024-1708) in ConnectWise ScreenConnect software are being exploited by numerous attackers to deliver a variety of …
Attackers exploiting ConnectWise ScreenConnect flaws, fixes available for all users (CVE-2024-1709, CVE-2024-1708)
The two ScreenConnect vulnerabilities ConnectWise has recently urged customers to patch have finally been assigned CVE numbers: CVE-2024-1709 for the authentication bypass, …
VMware pushes admins to uninstall vulnerable, deprecated vSphere plugin (CVE-2024-22245, CVE-2024-22250)
VMware Enhanced Authentication Plug-in (EAP), a plugin for VMware vSphere, has two vulnerabilities (CVE-2024-22245, CVE-2024-22250) that could be exploited by attackers to …
LockBit takedown: Infrastructure disrupted, criminals arrested, decryption keys recovered
In the wake of yesterday’s surprise law enforcement takeover of LockBit’s leak site, the UK National Crime Agency (NCA) and Europol have shared more information …
LockBit disrupted by international law enforcement task force
On Monday afternoon, LockBit’s leak site has been taken over by a coalition of law enforcement agencies and is showing a seizure notice that promises more details today, …
Critical ConnectWise ScreenConnect vulnerabilities fixed, patch ASAP!
UPDATE (February 22, 2024, 05:40 a.m. ET): Now designated as CVE-2024-1709 and CVE-2024-1708, the vulnerabilities are under active exploitation. Go here for up-to-date …
RCE vulnerabilities fixed in SolarWinds enterprise solutions
SolarWinds has released updates for Access Rights Manager (ARM) and (Orion) Platform that fix vulnerabilities that could allow attackers to execute code on vulnerable …
QNAP fixes OS command injection flaws affecting its NAS devices (CVE-2023-47218, CVE-2023-50358)
QNAP Systems has patched two unauthenticated OS command injection vulnerabilities (CVE-2023-47218, CVE-2023-50358) in various versions of the operating systems embedded in the …
Featured news
Resources
Don't miss
- Qantas data breach could affect 6 million customers
- Cybersecurity essentials for the future: From hype to what works
- How FinTechs are turning GRC into a strategic enabler
- Secretless Broker: Open-source tool connects apps securely without passwords or keys
- Product showcase: Protect your data with Apricorn Aegis Secure Key 3NXC