Zeljka Zorz

Password vulnerability at Fortune 1000 companies
Despite often repeated advice of using unique passwords for online accounts – or at least the most critical ones – password reuse continues to be rampant. And, …

Cloud-native security considerations for critical enterprise workloads
Since the advent of the public cloud as a viable alternative to on-premise systems, CIOs and CISOs have been citing security as one of the top concerns when it comes to making …

Widely available ICS attack tools lower the barrier for attackers
The general availability of ICS-specific intrusion and attack tools is widening the pool of attackers capable of targeting operational technology (OT) networks and industrial …

Hackers try to breach WHO, other COVID-19-fighting orgs
“Elite” hackers have tried – and failed – to breach computer systems and networks of the World Health Organization (WHO) earlier this month, Reuters …

Windows users under attack via two new RCE zero-days
Attackers are exploiting two new zero-days in the Windows Adobe Type Manager Library to achieve remote code execution on targeted Windows systems, Microsoft warns. The attacks …

How to protect your online streaming accounts from cybercriminals?
Have you secured your streaming services’ accounts? Are you sure someone else, unbeknown to you, isn’t using them as well? As people around the world are being …

Zyxel NAS, firewalls and LILIN DVRs and IP cameras conscripted into IoT botnets
A wide variety of Zyxel and LILIN IoT devices are being conscripted into several botnets, researchers have warned. Users are advised to implement the provided firmware updates …

Cyber crooks continue to exploit COVID-19 for their malicious schemes
A time of chaos is a time for opportunity for unscrupulous individuals and groups, and COVID-19 is seemingly an unmissable boon for cyber crooks. We’ve already covered a …

Cisco fixes root privilege, command injection vulnerabilities in Cisco SD-WAN solution
Cisco has fixed five security vulnerabilities in its Software-Defined WAN (SD-WAN) Solution, two of which could allow an authenticated, local attacker to either gain root …

Google Advanced Protection users get new protections against Android malware
Google has announced the rollout of two new non-negotiable security features for Android users who have also enrolled in the company’s Advanced Protection Program (APP). …

A week after Patch Tuesday, Adobe drops security fixes for six offerings
Adobe failed to release security updates on March 2020 Patch Tuesday, but has pushed them out this Tuesday, for Acrobat and Reader, Photoshop, ColdFusion, Experience Manager, …

Trend Micro fixes two actively exploited zero-days in enterprise products
Trend Micro has fixed two actively exploited zero-day vulnerabilities in its Apex One and OfficeScan XG enterprise security products, and advises customers to update to the …