Zeljka Zorz
Attackers are looking to exploit critical VMware vCenter Server RCE flaw, patch ASAP!
The day after VMware released fixes for a critical RCE flaw (CVE-2021-21972) found in a default vCenter Server plugin, opportunistic attackers began searching for publicly …
Kali Linux 2021.1 released: Tweaked DEs and terminals, new tools, Kali ARM for Apple Silicon Macs
Offensive Security has released Kali Linux 2021.1, the latest version of its popular open source penetration testing platform. You can download it or upgrade to it. Kali Linux …
CNAME-based tracking increasingly used to bypass browsers’ anti-tracking defenses
As browser-makers move to defang third-party (tracking) cookies, marketers are increasingly switching to alternative tracking techniques. One of these is CNAME cloaking, which …
Accellion FTA attacks, extortion attempts might be the work of FIN11
Mandiant/FireEye researchers have tentatively linked the Accellion FTA zero-day attacks to FIN11, a cybercrime group leveraging CLOP ransomware to extort targeted …
Chief Legal Officers face mounting compliance, privacy and cybersecurity obligations
After earning his master’s degree in computer science and working on the IT side of the business at a number of large financial services organizations, Bobby Balachandran …
Apple details major security, privacy enhancements in its devices
Security and privacy are a big selling point for Apple. The company has released on Thursday a newer version of its Platform Security Guide, outlining the security and privacy …
Microsoft: Solorigate attackers grabbed Azure, Intune, Exchange component source code
Microsoft has completed its internal investigation about the Solorigate (SolarWinds) security incident, and has discovered that the attackers were very interested in the code …
Phishers tricking users via fake LinkedIn Private Shared Document
Phishers are trying to trick users into opening a “LinkedIn Private Shared Document” and entering their login credentials into a fake LinkedIn login page, security …
Tips for boosting the “Sec” part of DevSecOps
The most significant barrier to achieving DevSecOps is the continued perception that “Sec” is not already a part of “Dev” and “Ops”, says James Arlen, CISO at cloud data …
Hackers exploited Centreon monitoring software to compromise IT providers
Unknown hackers – possibly the Sandworm APT – have been compromising enterprise servers running the Centreon monitoring software for over three years, the French …
Top 10 most used MITRE ATT&CK tactics and techniques
Which tactics and techniques are cyber attackers favoring? vFeed has compiled a list of the Top 10 Most Used MITRE ATT&CK Tactics and Techniques to help security teams …
Accellion to retire enterprise file-sharing product targeted in recent attacks
U.S.-based cloud solutions company Accellion will soon retire FTA, its legacy enterprise file-sharing solution, vulnerabilities in which have recently been exploited by …