Zeljka Zorz
Business executives targeted with Office 365-themed phishing emails
An ongoing campaign powered by a phishing kit sold on underground forums is explicitly targeting high-ranking executives in a variety of sectors and countries with fake Office …
Security researchers targeted by North Korean hackers
Over the past few months, hackers have been trying to surreptitiously backdoor the computer systems of a number of security researchers working on vulnerability research and …
SonicWall hit by attackers leveraging zero-day vulnerabilities in its own products?
On Friday evening, SonicWall announced that it “identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable …
Zero trust: A solution to many cybersecurity problems
The SolarWinds hack and the never-ending stream of revelations about the attackers’ tools, techniques and other targets has been occupying the minds of CISOs and …
Bugs in Signal, other video chat apps allowed attackers to listen in on users
Bugs in several messaging/video chat mobile apps allowed attackers to spy on targeted users’s surroundings. The vulnerabilities – in Signal, Google Duo, Facebook …
Malwarebytes was breached by the SolarWinds attackers
A fourth malware strain wielded by the SolarWinds attackers has been detailed by Symantec researchers, followed by the disclosure of the attackers’ ingenous lateral …
Dnsmasq vulnerabilities open networking devices, Linux distros to DNS cache poisoning
Seven vulnerabilities affecting Dnsmasq, a caching DNS and DHCP server used in a variety of networking devices and Linux distributions, could be leveraged to mount DNS cache …
OpenWrt discloses forum data breach
The OpenWrt project has revealed that an attacker has managed to access information about its online forum users over the weekend, by compromising the account of a forum …
Phishers count on remotely hosted images to bypass email filters
Loading remotely hosted images instead of embeedding them directly into emails is one of the latest tricks employed by phishers to bypass email filters. Phishers are always …
January 2021 Patch Tuesday: Microsoft plugs Defender zero-day RCE
On this January 2021 Patch Tuesday: Microsoft has plugged 83 CVEs, including a Microsoft Defender zero-day Adobe has delivered security updates for a variety of products SAP …
SolarWinds hack investigation reveals new Sunspot malware
Crowdstrike researchers have documented Sunspot, a piece of malware used by the SolarWinds attackers to insert the Sunburst malware into the company’s Orion software. …
Ubiquiti warns customers about potential data breach
American networking tech vendor Ubiquiti is asking customers to change their password because of unauthorized access to some of their information technology systems hosted by …