Zeljka Zorz
Microsoft sets up isolated environment for bug hunters to test attacks against Azure
Microsoft has some very good news for bug hunters: not only has the company doubled the top bounty reward for vulnerabilities discovered in its Azure cloud computing service, …
US utilities targeted with spear-phishing emails impersonating engineering licensing board
If you worked in a US company in the utilities sector and received an email notification telling you that you’ve failed your “Fundamentals of Engineering” …
G Suite news: Anomalous alert activity for Google Drive, Advanced Protection for enterprise users
Google is rolling out new security options for G Suite users and admins, aimed at alerting organizations about data exfiltration attempts on Google Drive and helping them …
AWDL flaws open Apple users to tracking, MitM, malware planting
Vulnerabilities in Apple Wireless Direct Link (AWDL), the wireless protocol that underpins Apple’s AirPlay and AirDrop services, could allow attackers to track users in …
Capital One breach: Info on 106 million customers compromised, hacker arrested
Capital One, one of the largest banks in the United States by assets, has announced that it has suffered a massive data breach affecting the personal and financial information …
200 million enterprise, industrial, and medical devices affected by RCE flaws in VxWorks RTOS
Armis researchers have discovered 11 vulnerabilities (including 6 critical RCE flaws) in Wind River VxWorks, a real-time operating system used by more than two billion devices …
Cloud adoption and security are not mutually exclusive
As organizations continue to adopt cloud services to achieve their desired business objectives, many don’t realize that the thing that makes cloud computing great – …
Ransomware attack leaves Johannesburg residents without electricity
A ransomware attack aimed at City Power, the electricity provider for Johannesburg (aka Joburg), South Africa, has resulted in some residents temporarily without power. While …
How to improve the hiring and retaining of infosec professionals?
The cybersecurity staffing and skills shortage is a well-known reality and the situation is predicted to get worse in the coming years. There are many problems There are …
Phishers targeting Office 365 admins have a new trick up their sleeve
Phishers targeting Office 365 admins have a new trick up their sleeve: they are checking the credentials entered into the spoofed login page in real-time and, if they are …
Thwart the pressing threat of RDP password attacks
How long does it takes for Internet-facing, RDP-enabled computers to come under attack? In some cases, a few minutes. In most, less than 24 hours. The problem with RDP …
Released: PoC for RCE flaw in Palo Alto Networks firewalls, gateways
Palo Alto Networks has silently patched a critical remote code execution vulnerability in its enterprise GlobalProtect SSL VPN, which runs on Palo Alto Networks’ …