Zeljka Zorz
Vulnerabilities in widely used TCP/IP stacks open IoT, OT devices to attack
Forescout researchers have discovered nine vulnerabilities affecting nine different TCP/IP stacks widely used in IoT and OT devices. The vulnerabilities are due to weak …
Which users are at higher risk of email-based phishing and malware?
The risk of being targeted with email-based phishing and malware attacks is not evenly spread across geographic and demographic boundaries, Google and Stanford University …
February 2021 Patch Tuesday: Microsoft and Adobe fix exploited zero-days
On this February 2021 Patch Tuesday: Adobe has fixed a Reader flaw used in limited attacks, as well as delivered security updates for a variety of products, including Acrobat …
Hackers hit CD Projekt Red, steal data, ask for ransom
Polish game developer CD Projekt Red has been hit by hackers, who breached its internal network, stole data, encrypted some devices, and asked for a ransom to not sell of leak …
Microsoft to alert enterprise security teams when nation-state attackers target their employees
Microsoft will introduce this month a new security alert that will notify enterprise security teams when an employee is being targeted by suspected nation-state attackers. The …
Can we put a stop to cyber harassment?
Cyber harassment via social networks, media, and other online channels is an everyday reality for too many people, and the problem is getting worse. It might seem inevitable, …
Open-source tool BlobHunter helps pinpoint public Azure blobs that might contain sensitive files
CyberArk researchers have released BlobHunter, an open-source tool organizations can use to discover Azure blobs containing sensitive files they have inadvertently made …
SolarWinds Orion exploited by another group of state-sponsored hackers
Another group of state-sponsored hackers has exploited the ubiquity of SolarWinds software to target US government agencies, Reuters reported on Tuesday. State-sponsored …
Top 10 most exploited vulnerabilities from 2020
Vulnerability intelligence-as-a-service outfit vFeed has compiled a list of the top 10 most exploited vulnerabilities from 2020, and among them are SMBGhost, Zerologon, and …
Actively exploited SonicWall zero-day affects SMA 100 series appliances
SonicWall has confirmed that the actively exploited zero-day vulnerability spotted by the NCC Group on Sunday affects its Secure Mobile Access (SMA) 100 series appliances. …
How to motivate employees to take cybersecurity seriously
How can we push employees / users to take cybersecurity to heart? Dr. Maria Bada, external behavioral scientist at AwareGO, has been working on the answer for years. After …
“Serious” vulnerability found in Libgcrypt, GnuPG’s cryptographic library
Libgcrypt 1.9.0, the newest version of a cryptographic library integrated in the GNU Privacy Guard (GnuPG) free encryption software, has a “severe” security …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?