Zeljka Zorz
New tool allows organizations to customize their ATT&CK database
MITRE Engenuity has released ATT&CK Workbench, an open source tool that allows organizations to customize their local instance of the MITRE ATT&CK database of cyber …
Scammers are impersonating the DarkSide ransomware gang
Someone out there is impersonating the infamous DarkSide ransomware gang and trying to trick companies in the energy and food industry to part with 100 Bitcoins, Trend Micro …
Microsoft Defender for Endpoint now detects jailbroken iOS devices
Microsoft has announced new and improved capabilities for enterprise security teams that use Microsoft Defender for Endpoint on Android and iOS and Microsoft threat and …
Unprotected CVS database exposed sensitive customer searches
Researchers have discovered an unprotected, exposed online database with over a billion records belonging to American healthcare company CVS Health. The discovery, made by …
Apple fixes actively exploited vulnerabilities affecting older iDevices
Apple has released a security update for older iDevices (iPhones, iPads and iPods) to fix three vulnerabilities, two of which are zero-days that are apparently actively …
Cyber criminals are targeting digital artists
Cyber criminals looking for a quick payout and valuables are targeting digital artists using NFTs (non-fungible tokens), warns security researcher Bart Blaze. The attackers …
How a conference room speakerphone might let attackers into your company network
Several egregious vulnerabilities affecting the Stem Audio Table conference room speakerphone could be exploited by attackers to eavesdrop on what’s being discussed in …
Ransomware attackers are leveraging old SonicWall SRA flaw (CVE-2019-7481)
Since the beginning of the year, various cyber attackers leveraged a slew of zero-day vulnerabilities to compromise different SonicWall solutions. Crowdstrike now warns that a …
Ransomware has become a cost of doing business
It’s easy to see why ransomware aimed at businesses is such a cash cow for criminals: for every Norsk Hydro and Fujifilm that refuses to pay the ransom, there is a …
Can your MFA implementations stymie MFA bypass attacks?
Shay Nahari, Head of Red-Team services at CyberArk, says that they’ve been increasingly asked by customers to probe their multi-factor authentication (MFA) defenses, …
What happens to email accounts once credentials are compromised?
Agari researchers entered unique credentials belonging to fake personas into phishing sites posing as widely used enterprise applications, and waited to see what the phishers …
June 2021 Patch Tuesday: Microsoft fixes six actively exploited zero-days
On this June 2021 Patch Tuesday: Microsoft has fixed 50 security vulnerabilities, six of which are actively exploited zero-days Adobe has delivered security updates for …