Zeljka Zorz

Urgent11 flaws affect more medical, industrial devices than previously thought
When, in late July, Armis researchers revealed the existence of the so-called Urgent11 vulnerabilities in Wind River’s VxWorks real-time operating system, they noted …

Sophos Managed Threat Response: An evolved approach to proactive security protection
In its 2019 market guide for managed detection and response (MDR) services, Gartner forecasted that by 2024, 25% of organizations will be using MDR services, up from less than …

Danish company Demant expects to suffer huge losses due to cyber attack
Danish hearing health care company Demant has estimated it will lose between $80 and $95 million due to a recent “cyber-crime” attack. Though the company has yet …

Guess what? You should patch Exim again!
Hot on the heels of a patch for a critical RCE Exim flaw comes another one that fixes a denial of service (DoS) condition (CVE-2019-16928) that could also be exploited by …

Microsoft to block 40+ additional file extensions in Outlook on the web
Microsoft is planning to block by default 40+ new file types in Outlook on the web to improve the security for their customers. “We took the time to audit the existing …

Cybercriminals plan to make L7 routers serve card stealing code
One of the Magecart cybercriminal groups is testing a new method for grabbing users’ credit card info: malicious skimming code that can be loaded into files used by L7 …

How can we thwart email-based social engineering attacks?
More than 99 percent of cyberattacks rely on human interaction to work, Proofpoint recently shared. More often than not, the principal attack method is phishing emails. When …

vBulletin zero-day exploited in the wild in wake of exploit release
An anonymous bug hunter has released a working and elegantly simple exploit for a pre-authentication remote code execution flaw (CVE-2019-16759) affecting vBulletin and it …

Cybersecurity automation? Yes, wherever possible
There was a time when companies were hesitant about their IT and security teams using automation to discharge some of their duties. “I think much of that was due to the …

How can small companies with limited budgets win at security?
Securing data and systems is a must for every modern organization, but smaller ones often have to deal with budget and workforce limitations that make that goal harder to …

Microsoft drops emergency Internet Explorer fix for actively exploited zero-day
Microsoft has unexpectedly released out-of-band security updates to fix vulnerabilities in Internet Explorer and Microsoft Defender. The IE zero-day bug is deemed …

What security and privacy enhancements has iOS 13 brought?
With the release of iPhone 11 and its two Pro variants, Apple has released iOS 13, a substantial functional update of its popular mobile operating system. But while many users …