Zeljka Zorz
New EvilQuest macOS ransomware is a smokescreen for other threats
A new piece of ransomware dubbed EvilQuest (aka ThiefQuest) is being delivered bundled up with pirated versions of popular macOS software, researchers warned. But the …
Fake “DNS Update” emails targeting site owners and admins
Attackers are trying to trick web administrators into sharing their admin account login credentials by urging them to activate DNSSEC for their domain. Scam emails lead to …
Critical flaw opens Palo Alto Networks firewalls and VPN appliances to attack, patch ASAP!
Palo Alto Networks has patched a critical and easily exploitable vulnerability (CVE-2020-2021) affecting PAN-OS, the custom operating system running on its next generation …
Magento 1 reaches EOL: Merchants urged to upgrade or risk breaches, falling out of PCI DSS compliance
When Adobe released security updates for Magento last week, it warned that the Magento 1.x branch is reaching end-of-life (EOL) and support (EOS) on June 30, 2020, and that …
Cybercriminals are using IM platforms as marketplaces
Cybercriminals are increasingly using IM platforms like Telegram, Discord, Jabber, WhatsApp, IRC and others to advertise and sell their goods and services, IntSight …
How attackers target and exploit Microsoft Exchange servers
Microsoft Exchange servers are an ideal target for attackers looking to burrow into enterprise networks, says Microsoft, as “they provide a unique environment that could …
Microsoft releases Defender ATP for Android and Linux
Microsoft has added support for Linux and Android to Microsoft Defender ATP, its unified enterprise endpoint security platform. Microsoft Defender Advanced Threat Protection …
How to establish a threat intelligence program
Instituting an in-house cyber threat intelligence (CTI) program as part of the larger cybersecurity efforts can bring about many positive outcomes: The organization may …
How to secure software in a DevOps world
The COVID-19 pandemic and its impact on the world has made a growing number of people realize how many of our everyday activities depend on software. We increasingly work, …
Drupal fixes three vulnerabilities, including one RCE
Drupal’s security team has fixed three vulnerabilities in the popular content management system’s core, one of which (CVE-2020-13663) could be exploited to achieve …
Using Cisco Webex for your video conferencing needs? Go patch!
Cisco has released security updates for Cisco Webex Meetings and Cisco Webex Meetings Server that fix several remotely exploitable vulnerabilities, as well as one less severe …
Most COVID-19 contact-tracing apps are not adequately secured
Security researchers have analyzed contact-tracing mobile apps from around the globe and found that their developers have generally failed to implement suitable security and …