Zeljka Zorz
Explosion of 0-day exploits: The bad news and the good news
Have you noticed that lately we’ve been hearing more about in-the-wild attacks exploiting 0-day vulnerabilities? “Halfway into 2021, there have been 33 0-day …
July 2021 Patch Tuesday: Microsoft fixes 4 actively exploited bugs
On this July 2021 Patch Tuesday: Microsoft has fixed 117 CVEs, 4 of which are actively exploited Adobe has delivered security updates for Acrobat and Reader, Bridge, …
Gmail increases email security by adding support for BIMI
Organizations who deploy Domain-based Message Authentication, Reporting, and Conformance (DMARC) will, from now on, be able to increase Gmail recipients’ trust in the …
SolarWinds patches zero-day exploited in the wild (CVE-2021-35211)
SolarWinds has released an emergency patch for CVE-2021-35211, a RCE vulnerability affecting its Serv-U Managed File Transfer and Serv-U Secure FTP that is currently being …
How to improve your organization’s Active Directory security posture
Active Directory (AD), a directory service developed by Microsoft for Windows domain networks, is most organizations’ primary store for employee authentication and …
PoC for critical Windows Print Spooler flaw leaked (CVE-2021-1675)
CVE-2021-1675, a Windows Print Spooler vulnerability that Microsoft patched in June 2021, presents a much greater danger than initially thought: researchers have proved that …
New security measures to keep Google Play safe
Google is announcing two new security measures aimed at minimizing the number of malicious / potentially unwanted apps available for download from the Google Play Store: …
Cisco security devices targeted with CVE-2020-3580 PoC exploit
Attackers and bug hunters are leveraging an exploit for CVE-2020-3580 to compromise vulnerable security devices running Cisco ASA or FTD software. Active attacks apparently …
Vulnerabilities in Dell computers allow RCE at the BIOS/UEFI level
An estimated 30 million Dell computers are affected by several vulnerabilities that may enable an attacker to remotely execute code in the pre-boot (BIOS/UEFI) environment, …
Virtual machines hide ransomware until the encryption process is done
The use of virtual machines (VMs) to run the malicious payload is getting more popular with ransomware attackers, Symantec’s Threat Hunter Team claims. Ransomware deployed in …
New tool allows organizations to customize their ATT&CK database
MITRE Engenuity has released ATT&CK Workbench, an open source tool that allows organizations to customize their local instance of the MITRE ATT&CK database of cyber …
Scammers are impersonating the DarkSide ransomware gang
Someone out there is impersonating the infamous DarkSide ransomware gang and trying to trick companies in the energy and food industry to part with 100 Bitcoins, Trend Micro …
Featured news
Resources
Don't miss
- Google fixes actively exploited Chrome zero-day vulnerability (CVE-2025-10585)
- LinkedIn now uses your data for AI by default, opt out now!
- Behind the scenes of cURL with its founder: Releases, updates, and security
- Product showcase: Exaforce – The full lifecycle AI SOC platform
- AI made crypto scams far more dangerous