Zeljka Zorz
![Windows](https://img.helpnetsecurity.com/wp-content/uploads/2018/07/09100610/windows-400x200.jpg)
Windows backdoor masquerading as VPN app installer
Windows users looking to install a VPN app are in danger of downloading one that’s been bundled with a backdoor, Trend Micro researchers warn. The trojanized package in …
![iOS 14](https://img.helpnetsecurity.com/wp-content/uploads/2020/09/21190209/ios14-app_privacy-400x200.jpg)
iOS 14: New privacy and security features
Apple has released iOS 14, with a bucketload of new and improved functional features and a handful of privacy and security ones. New privacy and security features in iOS 14 …
![DHS](https://img.helpnetsecurity.com/wp-content/uploads/2016/06/09111746/dhs-400x200.jpg)
CISA orders federal agencies to implement Zerologon fix by Monday
If you had any doubts about the criticality of the Zerologon vulnerability (CVE-2020-1472) affecting Windows Server, here is a confirmation: the US Cybersecurity and …
![Google](https://img.helpnetsecurity.com/wp-content/uploads/2016/02/09194147/google-400x200.png)
Google offers high-risk Chrome users additional scanning of risky files
Google is providing a new “risky files” scanning feature to Chrome users enrolled in its Advanced Protection Program (APP). About the Advanced Protection Program …
![Apple](https://img.helpnetsecurity.com/wp-content/uploads/2018/03/09101448/apple-400x200.png)
Safari 14: New privacy and security features
Apple has released Safari 14, which features many functional improvements, a Privacy Report that shows all the trackers the browser has neutralized, and and does not support …
![hardware](https://img.helpnetsecurity.com/wp-content/uploads/2019/08/09093707/hardware2-400x200.jpg)
Microsoft open-sources tool that enables continuous developer-driven fuzzing
Microsoft has open-sourced OneFuzz, its own internal continuous developer-driven fuzzing platform, allowing developers around the world to receive fuzz testing results …
![zero](https://img.helpnetsecurity.com/wp-content/uploads/2019/08/09093605/zero-400x200.jpg)
Are your domain controllers safe from Zerologon attacks?
CVE-2020-1472, a privilege elevation vulnerability in the Netlogon Remote Protocol (MS-NRPC) for which Microsoft released a patch in August, has just become a huge liability …
![user](https://img.helpnetsecurity.com/wp-content/uploads/2019/07/09093814/user-400x200.jpg)
Aiming for a career in cybersecurity? Now is the time to pick up new skills
The COVID-19 pandemic took most of us by surprise. Widespread shelter-in-place mandates changed how we work (and whether we can work), play, rest, shop, communicate and learn. …
![Zoom 2FA](https://img.helpnetsecurity.com/wp-content/uploads/2020/09/11102527/zoom-2fa-add-400x200.jpg)
How to add 2FA to your Zoom account
Video conferencing platform Zoom is finally offering all users the option to enable two-factor authentication (2FA) to secure their accounts against credential stuffing …
![Patch Tuesday](https://img.helpnetsecurity.com/wp-content/uploads/2020/08/11203235/patch-tuesday-mountain-400x200.jpg)
September 2020 Patch Tuesday: Microsoft fixes over 110 CVEs again
On this September 2020 Patch Tuesday: Microsoft has plugged 129 security holes, including a critical RCE flaw that could be triggered by sending a specially crafted email to …
![](https://img.helpnetsecurity.com/wp-content/uploads/2020/09/08130506/android-logo-white-400x200.jpg)
Popular Android apps are rife with cryptographic vulnerabilities
Columbia University researchers have released Crylogger, an open source dynamic analysis tool that shows which Android apps feature cryptographic vulnerabilities. They also …
![securing Active Directory](https://img.helpnetsecurity.com/wp-content/uploads/2020/09/07095516/securing-active-directory-400x200.jpg)
Securing Active Directory accounts against password-based attacks
Traditional password-based security might be headed for extinction, but that moment is still far off. In the meantime, most of us need something to prevent our worst instincts …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?