Zeljka Zorz
Can you trust attachments with unfamiliar extensions?
Microsoft’s security experts have warned on Monday about several email malware delivery campaigns exploiting the COVID-19 pandemic targeting companies in the US and …
Phishers target investment brokers, aim for Office, SharePoint login credentials
Phishers are trying to trick investment brokers into sharing their Microsoft Office or SharePoint login credentials by impersonating FINRA, a non-governmental organization …
Fake Microsoft Teams notification emails are hitting inboxes
Phishers are using fake Microsoft Teams notification emails to trick users into sharing their Microsoft Teams and Office 365 login credentials. “Should the recipient …
SaltStack Salt vulnerabilities actively exploited by attackers, patch ASAP!
Two vulnerabilities in SaltStack Salt, an open-source remote task and configuration management framework, are being actively exploited by attackers, CISA warns. About …
Help your helpdesk: Empower employees to self-reset their AD account password
The COVID-19 pandemic has triggered a momentous shift for many organizations: remote work has become the new normal. Businesses that were skeptical before are now being forced …
Google announces cull of low-quality, misleading Chrome extensions
With Google Chrome being by far the most widely used web browser, Google must constantly tweak protections, rules and policies to keep malicious, unhelpful and otherwise …
How to thwart human-operated ransomware campaigns?
Most ransomware campaigns hitting healthcare organizations and critical services right now are just the final act of a months-long compromise. “Using an attack pattern …
Adobe fixes critical flaws in Magento, Adobe Illustrator and Bridge
Adobe has pushed out security updates fixing critical flaws in Magento Commerce, Open Source Enterprise and Community editions, Adobe Illustrator 2020 for Windows, and Adobe …
Is the future of information security and tech conferences virtual?
The COVID-19 pandemic has brought about many changes to our personal and work lives. Among the latter are the forced work from home shift and the inability to travel far and …
Which video call apps should you use if you care about privacy?
To help individuals and organizations choose video call apps that suit their needs and their risk appetite, Mozilla has released a new “Privacy Not Included” …
Attackers exploiting a zero-day in Sophos firewalls, have yours been hit?
Sophos has released an emergency hotfix for an actively exploited zero-day SQL injection vulnerability in its XG Firewalls, and has rolled it out to all units with the …
Web shell malware continues to evade many security tools
Cyber attackers are increasingly leveraging web shell malware to get persistent access to compromised networks, the US National Security Agency and the Australian Signals …