Zeljka Zorz, Author at Help Net Security

Zeljka Zorz

Attackers use novel technique, malware to compromise hypervisors and virtual machines

September 30, 2022

Unknown attackers wielding novel specialized malware have managed to compromise VMware ESXi hypervisors and guest Linux and Windows virtual machines, Mandiant threat analysts …

Two Microsoft Exchange zero-days exploited by attackers (CVE-2022-41040, CVE-2022-41082)

September 30, 2022

Attackers are leveraging two zero-day vulnerabilities (CVE-2022-41040, CVE-2022-41082) to breach Microsoft Exchange servers. News of the attacks broke on Wednesday, when …

MS SQL servers are getting hacked to deliver ransomware to orgs

September 27, 2022

Cybercriminals wielding the FARGO (aka Mallox, aka TargetCompany) ransomware are targeting Microsoft SQL (MS SQL) servers, AhnLab’s ASEC analysis team has warned. They …

To encrypt or to destroy? Ransomware affiliates plan to try the latter

September 26, 2022

Ransomware gangs are planning on trying out a new tactic, and it involves the destruction of the victims’ data. Targeting the data Researchers from Symantec, Cyderes and …

RCE in Sophos Firewall is being exploited in the wild (CVE-2022-3236)

September 26, 2022

Sophos has patched an actively exploited remote code execution vulnerability (CVE-2022-3236) in its Firewall solutions, and has pushed the fix to customers who have automatic …

Critical ManageEngine RCE flaw is being exploited (CVE-2022-35405)

September 23, 2022

The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2022-35405, a critical remote code execution vulnerability in ManageEngine PAM360, Password …

US to award $1B to state, local, and territorial governments to improve cyber resilience

September 21, 2022

The US government will award $1 billion in grants to help state, local, and territorial (SLT) governments address cybersecurity risks, strengthen the cybersecurity of their …

Revolut data breach: 50,000+ users affected

September 20, 2022

Revolut, the fintech company behing the popular banking app of the same name, has suffered a data breach, which has been followed by phishing attacks aimed at taking advantage …

Uber says Lapsus$ gang is behind the recent breach

September 20, 2022

Uber has confirmed that the recent breach of its systems started with a compromised account belonging to a contractor. “It is likely that the attacker purchased the …

GTA 6 in-development footage leaked

September 19, 2022

American video game publisher Rockstar Games has suffered an unfortunate data leak: someone has released online in-development footage/videos for Grand Theft Auto (GTA) 6, the …

Uber hacked, attacker tears through the company’s systems

September 16, 2022

Uber has been hacked, again – this time by an 18-year-old (allegedly). According to The New York Times, the breach happened on Thursday. The hacker claims to have gotten …

US government software suppliers must attest their solutions are secure

September 15, 2022

The Office of Management and Budget (OMB) has issued a memo requiring US federal government agencies to use software that has been built according to secure software …

Zeljka Zorz

Attackers use novel technique, malware to compromise hypervisors and virtual machines

Two Microsoft Exchange zero-days exploited by attackers (CVE-2022-41040, CVE-2022-41082)

MS SQL servers are getting hacked to deliver ransomware to orgs

To encrypt or to destroy? Ransomware affiliates plan to try the latter

RCE in Sophos Firewall is being exploited in the wild (CVE-2022-3236)

Critical ManageEngine RCE flaw is being exploited (CVE-2022-35405)

US to award $1B to state, local, and territorial governments to improve cyber resilience

Revolut data breach: 50,000+ users affected

Uber says Lapsus$ gang is behind the recent breach

GTA 6 in-development footage leaked

Uber hacked, attacker tears through the company’s systems

US government software suppliers must attest their solutions are secure

Don't miss

Attackers use novel technique, malware to compromise hypervisors and virtual machines

Two Microsoft Exchange zero-days exploited by attackers (CVE-2022-41040, CVE-2022-41082)

The current state of cloud security

The significance of parallel tasks execution for security teams

Embedded IoT security threats and challenges