Zeljka Zorz

Vulnerable GE anesthesia machines can be manipulated by attackers
A vulnerability affecting several anesthesia and respiratory devices manufactured by General Electric (GE) Healthcare could allow attackers to manipulate the devices’ …

July 2019 Patch Tuesday: Microsoft plugs two actively exploited zero-days
For July 2019 Patch Tuesday, Microsoft has pushed out patches for 78 CVE-numbered vulnerabilities (15 of them critical) and Adobe for three, but none of them in its most …

U.S. Coast Guard shares cybersecurity best practices for commercial vessels
Spurred by a recent cyber incident they were called in to help resolve, the U.S. Coast Guard has detailed basic measures to improve vessels ‘cybersecurity. Basic cyber …

A fileless campaign is dropping the Astaroth info-stealer
Attackers are delivering the Astaroth info-stealing backdoor by leveraging a combination of fileless malware and “living off the land” techniques, …

British Airways is facing £183 million fine for 2018 data breach
The UK Information Commissioner’s Office (ICO) wants British Airways to pay a £183.39 million (nearly $230 million) fine for failing to protect personal and financial …

Cybersecurity crisis communication: How to do it well
Riviera Beach is one of the several cities and towns in Florida which have recently been hit with ransomware. Its local government, like that of Lake City before it, decided …

Business security in the age of malicious bots
As most technologies, bots can be used for good and bad purposes, and the information security industry is doing its best to minimize the adverse effects of the latter …

Medtronic recalls vulnerable MiniMed insulin pumps
Medtronic, the world’s largest medical device company, has issued a recall of some of its insulin pumps because they can be tampered with by attackers. About the …

Cisco plugs critical security holes in Data Center Network Manager
Cisco has plugged four security holes in its Data Center Network Manager, two of which critical (have a 9.8 CVSS score). About Cisco Data Center Network Manager Cisco Data …

When it comes to cybersecurity, perfection is the enemy of progress
In information security, perfection is the enemy of progress, says Lenny Zeltser, VP of Product at Axonius. But it’s one thing to know about this maxim, and another to …

Microsoft OneDrive users get an even more secure Personal Vault
Microsoft has announced that, by the end of the year, all users of its OneDrive cloud storage service will get a Personal Vault, which will provide added protection for …

Google delivers new G Suite security tools
Google has announced several new security tools for G Suite admins and users, as well as a new 2FA option: one-time security codes based on security keys. Email security …