Zeljka Zorz
Microsoft makes tamper protection for macOS endpoints widely available
The tamper protection feature in Microsoft Defender for Endpoint for macOS is getting rolled out to all customers, the company has announced on Monday. The feature is meant …
DigitalOcean customers affected by Mailchimp “security incident”
A recent attack targeting crypto-related users of Mailchimp has ended up affecting users of cloud infrastructure provider DigitalOcean, the latter company has announced on …
1,900 Signal users exposed following Twilio breach
The attacker behind the recent Twilio data breach may have accessed phone numbers and SMS registration codes for 1,900 users of the popular secure messaging app Signal. …
Cisco has been hacked by a ransomware gang
U.S. networking giant Cisco Systems has been hacked, the company confirmed on Wednesday, after Yanluowang ransomware operators claimed the attack on their leak site. …
Microsoft fixes exploited zero-day in Windows Support Diagnostic Tool (CVE-2022-34713)
The August 2022 Patch Tuesday has arrived, with fixes for an unexpectedly high number of vulnerabilities in various Microsoft products, including two zero-days: one actively …
Kali Linux 2022.3 released: Packages for test labs, new tools, and a community Discord server
Offensive Security has released Kali Linux 2022.3, the latest version of its popular penetration testing and digital forensics platform. Packaged apps to set up test labs The …
Twilio confirms data breach after its employees got phished
Cloud communications company Twilio has announced that some of it employees have been phished and that the attackers used the stolen credentials to gain access to some …
Phishers use custom phishing kit to hijack MFA-protected enterprise Microsoft accounts
An ongoing, large-scale phishing campaign is targeting owners of business email accounts at companies in the FinTech, Lending, Insurance, Energy and Manufacturing sectors in …
VMware: Patch this critical vulnerability immediately! (CVE-2022-31656)
VMware has released fixes for ten vulnerabilities, including CVE-2022-31656, an authentication bypass vulnerability affecting VMware Workspace ONE Access, Identity Manager and …
Browser synchronization abuse: Bookmarks as a covert data exfiltration channel
Two universal and seemingly innocuous browser features – the ability to create bookmarks (aka “favorites”) and browser synchronization – make …
Ransomware gangs are hitting roadblocks, but aren’t stopping (yet)
Ransomware attacks are in decline, according to reports by several cybersecurity companies. Why is that? More effort for less pay In its mid-year 2022 Cyber Threat Report, …
Attackers are slowly abandoning malicious macros
Malicious macro-enabled documents as vehicles for email-based malware delivery are being used less and less, Proofpoint researchers have noticed. Threat actors are switching …