Zeljka Zorz
Attackers are attempting to exploit critical F5 BIG-IP RCE
Researchers have developed PoC exploits for CVE-2022-1388, a critical remote code execution bug affecting F5 BIG-IP multi-purpose networking devices/modules. Simultaneously, …
NIST updates guidance for cybersecurity supply chain risk management
The National Institute of Standards and Technology (NIST) has updated its guidance document for helping organizations identify, assess and respond to cybersecurity risks …
Critical F5 BIG-IP flaw allows device takeover, patch ASAP! (CVE-2022-1388)
F5 Networks‘ BIG-IP multi-purpose networking devices/modules are vulnerable to unauthenticated remote code execution attacks via CVE-2022-1388. “This vulnerability may …
A checklist to help healthcare organizations respond to a serious cyberattack
How should organizations in the healthcare sector respond to outage due to a serious cyberattack? The Healthcare and Public Health Sector Coordinating Council’s (HSCC) …
Stealthy APT group plunders very specific corporate email accounts
An eminently sophisticated and stealthy APT group is going after specific corporate email accounts and has, on occasion, managed to remain undetected in victim environments …
Phishers exploit Google’s SMTP Relay service to deliver spoofed emails
Phishers are exploiting a flaw in Google’s SMTP relay service to send malicious emails spoofing popular brands. Avanan researcher Jeremy Fuchs says that starting in April …
CMS-based sites under attack: The latest threats and trends
Payment card skimmers are becoming more common in exploit kits affecting WordPress websites and attackers are spending more time customizing them to avoid detection, …
Google offers 50% higher bounties for bugs in Android 13 Beta
Google has released Android 13 Beta 1 and has sent out a call for bug hunters: Find bugs in it, and you’ll get a 50% bonus reward payout. They should hurry up, though: …
Critical vulnerabilities open Synology, QNAP NAS devices to attack
Users of Synology and QNAP network-attached storage (NAS) devices are advised to be on the lookout for patches for several critical vulnerabilities affecting Netatalk, an …
The 15 most exploited vulnerabilities in 2021
In 2021, threat actors aggressively exploited newly disclosed critical software vulnerabilities to hit a broad set of targets worldwide, says the latest advisory published by …
Nimbuspwn bugs allow attackers to gain root privileges on some Linux machines (CVE-2022-29799, CVE-2022-29800)
Microsoft has unearthed two security vulnerabilities (CVE-2022-29799, CVE-2022-29800) in the networkd-dispatcher daemon that may be exploited by attackers to gain root on many …
Meteoric attack deploys Quantum ransomware in mere hours
A group wielding the Quantum Locker ransomware is hitting targets in a blitzkrieg-like manner, going from intial compromise to domain-wide deployment and execution in under …
Featured news
Resources
Don't miss
- Qantas data breach could affect 6 million customers
- Cybersecurity essentials for the future: From hype to what works
- How FinTechs are turning GRC into a strategic enabler
- Secretless Broker: Open-source tool connects apps securely without passwords or keys
- Product showcase: Protect your data with Apricorn Aegis Secure Key 3NXC