Zeljka Zorz
The biggest cyber threats organizations deal with today
Microsoft has released a new report outlining enterprise cyberattack trends in the past year (July 2019 – June 2020) and offering advice on how organizations can protect …
Large US hospital chain hobbled by Ryuk ransomware
US-based healtchare giant Universal Health Services (UHS) has suffered a cyberattack on Sunday morning, which resulted in the IT network across its facilities to be shut down. …
Phishers are targeting employees with fake GDPR compliance reminders
Phishers are using a bogus GDPR compliance reminder to trick recipients – employees of businesses across several industry verticals – into handing over their email …
NIST guide to help orgs recover from ransomware, other data integrity attacks
The National Institute of Standards and Technology (NIST) has published a cybersecurity practice guide enterprises can use to recover from data integrity attacks, i.e., …
Windows backdoor masquerading as VPN app installer
Windows users looking to install a VPN app are in danger of downloading one that’s been bundled with a backdoor, Trend Micro researchers warn. The trojanized package in …
iOS 14: New privacy and security features
Apple has released iOS 14, with a bucketload of new and improved functional features and a handful of privacy and security ones. New privacy and security features in iOS 14 …
CISA orders federal agencies to implement Zerologon fix by Monday
If you had any doubts about the criticality of the Zerologon vulnerability (CVE-2020-1472) affecting Windows Server, here is a confirmation: the US Cybersecurity and …
Google offers high-risk Chrome users additional scanning of risky files
Google is providing a new “risky files” scanning feature to Chrome users enrolled in its Advanced Protection Program (APP). About the Advanced Protection Program …
Safari 14: New privacy and security features
Apple has released Safari 14, which features many functional improvements, a Privacy Report that shows all the trackers the browser has neutralized, and and does not support …
Microsoft open-sources tool that enables continuous developer-driven fuzzing
Microsoft has open-sourced OneFuzz, its own internal continuous developer-driven fuzzing platform, allowing developers around the world to receive fuzz testing results …
Are your domain controllers safe from Zerologon attacks?
CVE-2020-1472, a privilege elevation vulnerability in the Netlogon Remote Protocol (MS-NRPC) for which Microsoft released a patch in August, has just become a huge liability …
Aiming for a career in cybersecurity? Now is the time to pick up new skills
The COVID-19 pandemic took most of us by surprise. Widespread shelter-in-place mandates changed how we work (and whether we can work), play, rest, shop, communicate and learn. …