Zeljka Zorz
![WordPress](https://img.helpnetsecurity.com/wp-content/uploads/2020/06/04181140/red-wordpress-logo-400x200.jpg)
Attackers tried to grab WordPress configuration files from over a million sites
A threat actor that attempted to insert a backdoor into nearly a million WordPress-based sites in early May (and continued to try throughout the month), tried to grab …
![Cisco](https://img.helpnetsecurity.com/wp-content/uploads/2019/06/09094049/cisco1-400x200.jpg)
Cisco plugs bucketful of security holes in industrial routers, switches
Cisco has fixed more than two dozen critical and high-severity security vulnerabilities affecting operating systems running on the company’s carrier-grade and industrial …
![Zoom](https://img.helpnetsecurity.com/wp-content/uploads/2020/04/14163956/zoom-office-400x200.jpg)
Zoom to offer end-to-end encryption only to paying customers
As Zoom continues on its path to bring end-to-end encryption (E2EE) to users, the big news is that only paid users will have access to the option. “Free users for sure we …
![Office 365](https://img.helpnetsecurity.com/wp-content/uploads/2019/10/09092801/office365-400x200.jpg)
Office 365 users: Beware of fake company emails delivering a new VPN configuration
Phishers are impersonating companies’ IT support team and sending fake VPN configuration change notifications in the hopes that remote employees may be tricked into …
![G Suite](https://img.helpnetsecurity.com/wp-content/uploads/2020/06/03142041/gsuite-yellow-400x200.jpg)
Things to keep in mind when downloading apps from G Suite Marketplace
Security researchers have tested nearly 1,000 enterprise apps offered on Google’s G Suite Marketplace and discovered that many ask for permission to access to user data …
![thief](https://img.helpnetsecurity.com/wp-content/uploads/2018/11/09095826/thief-400x200.jpg)
The “return” of fraudulent wire transfers
Ransomware gangs targeting businesses are currently getting more public attention, but scammers trying to trick employees into performing fraudulent wire transfers are once …
![VMware Cloud Director](https://img.helpnetsecurity.com/wp-content/uploads/2020/06/02110924/vmware_clouddirector-400x200.jpg)
VMware Cloud Director vulnerability enables a full cloud infrastructure takeover
A code injection vulnerability (CVE-2020-3956) affecting VMware vCloud Director could be exploited to take over the infrastructure of cloud services, Citadelo researchers have …
![biohazard](https://img.helpnetsecurity.com/wp-content/uploads/2018/09/09100312/biohazard-400x200.jpg)
New propagation module makes Trickbot more stealthy
Trickbot infections of Domain Controller (DC) servers has become more difficult to detect due to a new propagation module that makes the malware run from memory, Palo Alto …
![Cisco](https://img.helpnetsecurity.com/wp-content/uploads/2019/06/09094049/cisco1-400x200.jpg)
Hackers breached six Cisco servers through SaltStack Salt vulnerabilities
Earlier this month, when F-Secure publicly revealed the existence of two vulnerabilities affecting SaltStack Salt and attackers started actively exploiting them, Cisco was …
![target](https://img.helpnetsecurity.com/wp-content/uploads/2017/09/09103023/target-400x200.jpg)
NSA warns about Sandworm APT exploiting Exim flaw
The Russian APT group Sandworm has been exploiting a critical Exim flaw (CVE-2019-10149) to compromise mail servers since August 2019, the NSA has warned in a security …
![USB](https://img.helpnetsecurity.com/wp-content/uploads/2020/05/28135319/usb-chaos-400x200.jpg)
New fuzzing tool for USB drivers uncovers bugs in Linux, macOS, Windows
With a new fuzzing tool created specifically for testing the security of USB drivers, researchers have discovered more than two dozen vulnerabilities in a variety of operating …
![strandhogg](https://img.helpnetsecurity.com/wp-content/uploads/2019/12/03121939/strandhogg-400x200.jpg)
StrandHogg 2.0: Critical Android flaw allows app hijacking, data theft
Google has released a patch for CVE-2020-0096, a critical escalation of privilege vulnerability in Android that allows attackers to hijack apps (tasks) on the victim’s …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?