Zeljka Zorz
Cable Haunt: Unknown millions of Broadcom-based cable modems open to hijacking
A vulnerability (CVE-2019-19494) in Broadcom‘s cable modem firmware can open unknown millions of broadband modems by various manufacturers to attackers, a group of …
Exploits for Citrix ADC and Gateway flaw abound, attacks are ongoing
With several exploits targeting CVE-2019-19781 having been released over the weekend and the number of vulnerable endpoints still being over 25,000, attackers are having a …
Office 365 users: Beware of phishing emails pointing to Office Sway
One of phishers’ preferred methods for fooling both targets and email filters is to use legitimate services to host phishing pages. The latest example of this involves …
Attackers exploiting critical Citrix ADC, Gateway flaw, company yet to release fixes
Nearly a month has passed since Citrix released mitigation measures for CVE-2019-19781, a critical vulnerability affecting Citrix Application Delivery Controller and Citrix …
Mozilla patches actively exploited Firefox zero-day
Mozilla has patched a Firefox zero-day vulnerability (CVE-2019-17026) that is being exploited in attacks in the wild and is urging Firefox and Firefox ESR users to update …
App on Google Play exploited Android bug to deliver spyware
Google has pulled three malicious apps from Google Play, one of which exploits a recently patched kernel privilege escalation bug in Android (CVE-2019-2215) to install the app …
Travelex extorted by ransomware gang, services still offline a week after the hit
On the last day of 2019, foreign exchange company Travelex was hit by cyber attackers wielding the Sodinokibi (aka REvil) ransomware. More than a week later, the …
Cisco Data Center Network Manager flaws fixed, Cisco ASA appliances under attack
Cisco has fixed 12 vulnerabilities in Cisco Data Center Network Manager (DCNM), a platform for managing Cisco switches and fabric extenders that run NX-OS, and has warned …
What are CISOs’ most pressing cybersecurity challenges?
CISOs are increasingly preoccupied with digital transformation, migration to cloud environments, and data governance, a recent YL Ventures survey has shown. The Israeli …
Know your enemy: Mapping adversary infrastructure quickly and accurately
Group-IB is a known quantity in the information security arena: in the sixteen years since its inception, the company – now headquartered in Singapore – has …
Data collection balancing act: Privacy, trust and consumer convenience
With the advent of laws like the EU’s GDPR and California’s CCPA, which are sure to be portents of things to come (i.e., more and better data privacy legislation), …
How Google applies Europe’s Right to Be Forgotten
Five years ago, after a landmark ruling of the Court of Justice of the European Union, Google began receiving, evaluating and acting upon requests to delist certain URLs …