Zeljka Zorz
![Progress](https://img.helpnetsecurity.com/wp-content/uploads/2024/06/04154556/progress-1500-400x200.webp)
Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
Progress Software has fixed a critical vulnerability (CVE-2024-6327) in its Telerik Report Server solution and is urging users to upgrade as soon as possible. About …
![](https://img.helpnetsecurity.com/wp-content/uploads/2019/10/09092849/docker-warning-400x200.jpg)
Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
A critical-severity Docker Engine vulnerability (CVE-2024-41110) may be exploited by attackers to bypass authorization plugins (AuthZ) via specially crafted API request, …
![GitHub](https://img.helpnetsecurity.com/wp-content/uploads/2024/07/24161318/github-ghost-400x200.webp)
Network of ghost GitHub accounts successfully distributes malware
Check Point researchers have unearthed an extensive network of GitHub accounts that they believe provides malware and phishing link Distribution-as-a-Service. Set up and …
![Crowdstrike](https://img.helpnetsecurity.com/wp-content/uploads/2024/07/19183542/crowdstrike-update-400x200.webp)
CrowdStrike blames buggy testing software for disastrous update
A bug in the Content Validator – a software element CrowdStrike relies on for testing and validating Rapid Response Content updates for its Falcon Sensors – is …
![cybersecurity threats](https://img.helpnetsecurity.com/wp-content/uploads/2024/06/17113455/cybersecurity_threats-400x200.webp)
The changes in the cyber threat landscape in the last 12 months
When it comes to the cyber threat landscape, change is the only constant: the inevitable interplay between cybercriminals and law enforcement agencies makes it inevitable. …
![Microsoft Crowdstrike](https://img.helpnetsecurity.com/wp-content/uploads/2024/07/22140803/microsoft-crowdstrike-400x200.webp)
Microsoft releases tool to speed up recovery of systems borked by CrowdStrike update
By now, most people are aware of – or have been personally affected by – the largest IT outage the world have ever witnessed, courtesy of a defective update for …
![Crowdstrike](https://img.helpnetsecurity.com/wp-content/uploads/2024/07/19183542/crowdstrike-update-400x200.webp)
Update: Worldwide IT outage due to buggy Crowdstrike sensor configuration update
The world is 16+ hours into what looks like the biggest IT outage in history, triggered by a defective update for Crowdstrike endpoint security software for Windows machines. …
![Crowdstrike](https://img.helpnetsecurity.com/wp-content/uploads/2024/07/19130705/crowdstrike-1-1500-400x200.webp)
Faulty CrowdStrike update takes out Windows machines worldwide
A more recent update on the situation (July 19, 2024, 12:42 ET) Houndreds of housands and possibly millions of Windows computers and servers worldwide have been made …
![](https://img.helpnetsecurity.com/wp-content/uploads/2024/07/18164309/splunk-1500-2-400x200.webp)
Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991)
A recently fixed vulnerability (CVE-2024-36991) affecting Splunk Enterprise on Windows “is more severe than it initially appeared,” according to SonicWall’s …
![dark web](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/28085705/darkweb-400x200.jpg)
FIN7 sells improved EDR killer tool
The cybercrime-focused enterprise known as FIN7 (aka the Carbanak group) has come up with yet another trick to assure the effectiveness of its “EDR killer” tool, …
![Cisco](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/12084252/cisco-neon2-400x200.jpg)
Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419)
Cisco has fixed two critical vulnerabilities that may allow attackers to overwrite files on its Secure Email Gateways (CVE-2024-20401) and change the password of any user on …
![Microsoft](https://img.helpnetsecurity.com/wp-content/uploads/2024/07/16153548/microsoft-1500-rain-400x200.webp)
Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
The zero-day exploit used to leverage CVE-2024-38112, a recently patched Windows MSHTML vulnerability, was wielded by an APT group dubbed Void Banshee to deliver malware to …
Featured news
Sponsored
Don't miss
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
- Learning from CrowdStrike’s quality assurance failures
- BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements
- How CISOs enable ITDR approach through the principle of least privilege