Zeljka Zorz
Ransomware attack leaves Johannesburg residents without electricity
A ransomware attack aimed at City Power, the electricity provider for Johannesburg (aka Joburg), South Africa, has resulted in some residents temporarily without power. While …
How to improve the hiring and retaining of infosec professionals?
The cybersecurity staffing and skills shortage is a well-known reality and the situation is predicted to get worse in the coming years. There are many problems There are …
Phishers targeting Office 365 admins have a new trick up their sleeve
Phishers targeting Office 365 admins have a new trick up their sleeve: they are checking the credentials entered into the spoofed login page in real-time and, if they are …
Thwart the pressing threat of RDP password attacks
How long does it takes for Internet-facing, RDP-enabled computers to come under attack? In some cases, a few minutes. In most, less than 24 hours. The problem with RDP …
Released: PoC for RCE flaw in Palo Alto Networks firewalls, gateways
Palo Alto Networks has silently patched a critical remote code execution vulnerability in its enterprise GlobalProtect SSL VPN, which runs on Palo Alto Networks’ …
Google increases bounties for Chrome, Google Play bugs
Bug hunters searching for security flaws in Google’s offerings are now vying for higher bounties. Microsoft has launched a new bug bounty program. Google’s changes …
Healthcare’s blind spot: Unmanaged IoT and medical devices
From imaging to monitoring systems, infusion pumps to therapeutic lasers and life support machines, medical devices are used to improve and streamline patient care. Many of …
4 years after data breach, Slack resets 100,000 users’ passwords
Roughly 100,000 Slack users are getting their password reset and will have to choose a new one. The reason? During the data breach the company suffered in 2015, the attackers …
Malicious Python packages found on PyPI
Researchers have uncovered another batch of malicious Python libraries hosted on Python Package Index (PyPI). The malicious packages PyPI is the official third-party software …
FaceApp privacy panic: Be careful which apps you use
The privacy panic over FaceApp, the selfie-editing mobile app that makes photo subjects younger, older or turns them into members of the opposite sex, has been overblown. The …
Flaw in Iomega, LenovoEMC NAS devices exposes millions of files on the Internet
A vulnerability in legacy Iomega and LenovoEMC network-attached storage (NAS) devices has led to many terabytes of potentially sensitive data being accessible to anyone via …
Researcher releases PoC code for critical Atlassian Crowd RCE flaw
A researcher has released proof-of-concept code for a critical code execution vulnerability (CVE-2019-11580) in Atlassian Crowd, a centralized identity management solution …
Featured news
Resources
Don't miss
- What it really takes to build a resilient cyber program
- How cybercriminals exploit psychological triggers in social engineering attacks
- Key tips to stay safe from deepfake and AI threats
- UK retailers under cyber attack: Co-op member data compromised
- How CISOs can talk cybersecurity so it makes sense to executives