Zeljka Zorz

Ransomware uses vulnerable, signed driver to disable endpoint security
Ransomware-wielding attackers have devised a novel tactic for disabling security protections that might get in their way: they are using a deprecated, vulnerable but signed …

Shadow IT accounts with weak passwords endanger organizations
63% of enterprise professionals have created at least one account without their IT department being aware of it, and two-thirds of those have created two or more, the results …

Phishers impersonate WHO, exploit coronavirus-related anxiety
Media outlets are reporting daily on the coronavirus outbreak in Wuhan and the emergency repatriation of foreign citizens that found themselves in the thick of it. As cases of …

Emotet can spread to poorly secured Wi-Fi networks and computers on them
Here’s yet another reason to secure Wi-Fi networks and Windows user accounts with a strong enough password: researchers have spotted and analyzed a malware program that …

Honware: IoT honeypot for detecting zero-day exploits
Two researchers have created a solution that could help security researchers and IoT manufacturers with detecting zero-day exploits targeting internet-connected devices more …

Which vulnerabilities were most exploited by cybercriminals in 2019?
Which ten software vulnerabilities should you patch as soon as possible (if you haven’t already)? Table of top exploited CVEs between 2016 and 2019 (repeats are noted by …

CDPwn vulnerabilities open millions of Cisco enterprise devices to attack
If you have Cisco equipment in your enterprise network – and chances are good that you have – you should check immediately which feature the newly revealed CDPwn …

Touch panels deployed in critical infrastructure vulnerable to remote attacks
Manufacturing facilities and processing centers using AutomationDirect C-more Touch Panels are advised to upgrade their firmware ASAP, as older versions contain a high-risk …

HECVAT toolkit helps higher education institutions assess cloud adoption risks
Higher education institutions are increasingly adopting cloud-based solutions in order to lower costs, improve performance and productivity, and increase flexibility and …

New ransomware targets industrial control systems
With the ransomware threat is surging unstoppably in the last few years, it was just a matter of time until ICS-specific ransomware became a reality. Researchers from various …

State-sponsored actors may have abused Twitter API to de-anonymize users
A Twitter API that’s intended to help new account holders find people they may already know on Twitter has been abused by known and unknown actors to tie usernames to …

Wuhan coronavirus exploited to deliver malware, phishing, hoaxes
The Wuhan coronavirus continues to spread and create anxiety across the globe, allowing malicious individuals and groups to exploit the situation to spread fake news, malware …
Featured news
Resources
Don't miss
- Attackers hit MSP, use its RMM software to deliver ransomware to clients
- Why data provenance must anchor every CISO’s AI governance strategy
- Woodpecker: Open-source red teaming for AI, Kubernetes, APIs
- Hottest cybersecurity open-source tools of the month: May 2025
- Microsoft, Dutch security agencies lift veil on Laundry Bear cyber espionage group