Zeljka Zorz
Enhancing cyber resilience in the oil and gas industry
The World Economic Forum (WEF) has brought together industry and cybersecurity experts from companies and organizations such as Siemens Corp, Saudi Aramco, Royal Dutch Shell, …
Apple fixes macOS zero-day exploited by malware (CVE-2021-30713)
A zero-day vulnerability (CVE-2021-30713) that allowed XCSSET malware to surreptitiously take screenshots of the victim’s desktop has been fixed by Apple on macOS 11.4 …
Happy birthday GDPR: IoT impact and practical tips for compliance
With the GDPR now in its third year, compliance with the EU data privacy regulation is still a significant issue for organizations to tackle, especially especially when it …
Fake Amazon order emails lead to vishing
Fraudsters are sending out fake Amazon order emails and tricking online shoppers into calling a telephone number manned by them to steal the shoppers’ credit card …
Detecting attackers obfuscating their IP address inside AWS
Security researchers have documented an attack technique that may allow attackers to leverage a legitimate Amazon VPC feature to mask their use of stolen API credentials …
RaaS gangs go “private” after stirring a hornet’s nest
After a decade or so of ransomware attacks against sometimes very prominent targets, the recent Colonial Pipeline ransomware attack by the Darkside gang has been the …
Vulnerability in popular browsers could be used to track, profile users online
A vulnerability affecting desktop versions of four popular web browsers could be exploited by advertisers, malicious actors, and other third parties to track and profile users …
Sophos XDR: Threat hunting through the entire security ecosystem
Almost a decade ago, ransomware started becoming a prominent consumer problem, locking computers and threatening users with fines and jail time for supposedly downloading …
Phishers using Zix to “legitimize” emails in the eyes of Office 365 users
UPDATE: May 19, 2021 – 03:10 AM ET Mirko Zorz, Editor in Chief, Help Net Security The page you are on used to contain a news item based on research from Abnormal …
May 2021 Patch Tuesday: Adobe fixes exploited Reader 0-day, Microsoft patches 55 holes
On this May 2021 Patch Tuesday: Adobe has fixed a Reader flaw exploited in attacks in the wild, as well as delivered security updates for eleven other products, including …
Counterfit: Open-source tool for testing the security of AI systems
After developing a tool for testing the security of its own AI systems and assessing them for vulnerabilities, Microsoft has decided to open-source it to help organizations …
21 vulnerabilities found in Exim, update your instances ASAP!
A code audit of Exim, a widely used mail transfer agent, has revealed 21 previously unknown vulnerabilities, some of which can be chained together to achieve unauthenticated …