Zeljka Zorz
OpenWrt discloses forum data breach
The OpenWrt project has revealed that an attacker has managed to access information about its online forum users over the weekend, by compromising the account of a forum …
Phishers count on remotely hosted images to bypass email filters
Loading remotely hosted images instead of embeedding them directly into emails is one of the latest tricks employed by phishers to bypass email filters. Phishers are always …
January 2021 Patch Tuesday: Microsoft plugs Defender zero-day RCE
On this January 2021 Patch Tuesday: Microsoft has plugged 83 CVEs, including a Microsoft Defender zero-day Adobe has delivered security updates for a variety of products SAP …
SolarWinds hack investigation reveals new Sunspot malware
Crowdstrike researchers have documented Sunspot, a piece of malware used by the SolarWinds attackers to insert the Sunburst malware into the company’s Orion software. …
Ubiquiti warns customers about potential data breach
American networking tech vendor Ubiquiti is asking customers to change their password because of unauthorized access to some of their information technology systems hosted by …
Securing the connected home: A joint task for homeowners and their ISP
As COVID-19 spread over the world and nations and businesses adapted to minimize citizens’ and employees’ personal interactions to help contain the infection, a …
Cybersecurity sales: Do you have what it takes to succeed?
Technology is at the heart of the world economy, and we’re moving into a new age of business where its technology – not people – is becoming the differentiator, …
Sealed U.S. court records possibly accessed by SolarWinds attackers
The Administrative Office (AO) of the U.S. Courts has revealed on Wednesday that it is investigating whether sealed U.S. court records had been accessed by the SolarWinds …
We got used to SMS notifications and phishers are capitalizing on it
A rising onslaught of phishing messages delivered via SMS (aka “smishing”) has been hitting mobile users around the world in the last few months. The fake messages …
Script for detecting vulnerable TCP/IP stacks released
Just as ICS-CERT published a new advisory detailing four new vulnerabilities in the Treck TCP/IP stack, Forescout released an open-source tool for detecting whether a network …
Microsoft was also a victim of the SolarWinds supply chain hack
Microsoft has confirmed that it, too, is among the companies who have downloaded the compromised SolarWinds Orion updates, but that they have isolated and removed them. …
SolarWinds hackers’ capabilities include bypassing MFA
As the list of known organizations compromised by way of the SolarWinds supply chain attack is slowly growing – according to Reuters, the attackers also breached U.S. …