Zeljka Zorz

Kali Linux evolution: What’s next for the open source pentesting Linux distro?
When the popular security-focused BackTrack Linux distribution was redesigned from the ground up and given the name Kali Linux nearly seven years ago, I remember thinking that …

CWE list now includes hardware security weaknesses
The Mitre Corporation has released version 4.0 of the Common Weakness Enumeration (CWE) list, which has been expanded to include hardware security weaknesses. About CWE The …

Attackers probing for vulnerable Microsoft Exchange Servers, is yours one of them?
CVE-2020-0688, a remote code execution bug in Microsoft Exchange Server that has been squashed by Microsoft in early February, is ripe for exploitation and could become a …

Google fixes another Chrome zero-day exploited in the wild
For the third time in a year, Google has fixed a Chrome zero-day (CVE-2020-6418) that is being actively exploited by attackers in the wild. About CVE-2020-6418 No details have …

Healthcare industry at greatest risk of data breach
The healthcare industry has significantly more exposed attack surfaces than any other industry surveyed, according to Censys’s research findings of cloud risks and cloud …

A new RCE in OpenSMTPD’s default install, patch available
Less than a month after the patching of a critical RCE flaw in OpenSMTPD, OpenBSD’s mail server, comes another call to upgrade to the latest version, as two additional …

Cisco drops security fixes for Smart Software Manager, security appliances
Cisco has released a new batch of security fixes for a number of its products, including its Smart Software Manager On-Prem solution and its Email Security and Content …

What is flowing through your enterprise network?
Since Edward Snowden’s revelations of sweeping internet surveillance by the NSA, the push to encrypt the web has been unrelenting. Bolstered by Google’s various initiatives …

Free trojanized WordPress themes lead to widespread compromise of web servers
Over 20,000 web servers (and who knows how many websites) have been compromised via trojanized WordPress themes to deliver malware through malicious ads, Prevailion …

US gas pipeline shut down due to ransomware
An unnamed US gas pipeline operator has falled victim to ransomware, which managed to encrypt data both on its IT (information technology) and operational technology (OT) …

Half of cybercrime losses in 2019 were the result of BEC scams
Business email compromise (BEC) and email account compromise (EAC) scams are still the most lucrative schemes for cybercriminals: the FBI’s Internet Crime Complaint Center …

February 2020 Patch Tuesday: Microsoft fixes 99 vulnerabilities, Adobe 42
February 2020 Patch Tuesday is here. To mark the occasion, Microsoft has released fixes for 99 vulnerabilities – 12 critical, one of which is being exploited in the wild …