Zeljka Zorz
New security measures to keep Google Play safe
Google is announcing two new security measures aimed at minimizing the number of malicious / potentially unwanted apps available for download from the Google Play Store: …
Cisco security devices targeted with CVE-2020-3580 PoC exploit
Attackers and bug hunters are leveraging an exploit for CVE-2020-3580 to compromise vulnerable security devices running Cisco ASA or FTD software. Active attacks apparently …
Vulnerabilities in Dell computers allow RCE at the BIOS/UEFI level
An estimated 30 million Dell computers are affected by several vulnerabilities that may enable an attacker to remotely execute code in the pre-boot (BIOS/UEFI) environment, …
Virtual machines hide ransomware until the encryption process is done
The use of virtual machines (VMs) to run the malicious payload is getting more popular with ransomware attackers, Symantec’s Threat Hunter Team claims. Ransomware deployed in …
New tool allows organizations to customize their ATT&CK database
MITRE Engenuity has released ATT&CK Workbench, an open source tool that allows organizations to customize their local instance of the MITRE ATT&CK database of cyber …
Scammers are impersonating the DarkSide ransomware gang
Someone out there is impersonating the infamous DarkSide ransomware gang and trying to trick companies in the energy and food industry to part with 100 Bitcoins, Trend Micro …
Microsoft Defender for Endpoint now detects jailbroken iOS devices
Microsoft has announced new and improved capabilities for enterprise security teams that use Microsoft Defender for Endpoint on Android and iOS and Microsoft threat and …
Unprotected CVS database exposed sensitive customer searches
Researchers have discovered an unprotected, exposed online database with over a billion records belonging to American healthcare company CVS Health. The discovery, made by …
Apple fixes actively exploited vulnerabilities affecting older iDevices
Apple has released a security update for older iDevices (iPhones, iPads and iPods) to fix three vulnerabilities, two of which are zero-days that are apparently actively …
Cyber criminals are targeting digital artists
Cyber criminals looking for a quick payout and valuables are targeting digital artists using NFTs (non-fungible tokens), warns security researcher Bart Blaze. The attackers …
How a conference room speakerphone might let attackers into your company network
Several egregious vulnerabilities affecting the Stem Audio Table conference room speakerphone could be exploited by attackers to eavesdrop on what’s being discussed in …
Ransomware attackers are leveraging old SonicWall SRA flaw (CVE-2019-7481)
Since the beginning of the year, various cyber attackers leveraged a slew of zero-day vulnerabilities to compromise different SonicWall solutions. Crowdstrike now warns that a …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?