Zeljka Zorz

How human bias impacts cybersecurity decision making
The human brain is a fantastic machine, but we’re all subject to cognitive bias and reasoning errors – and cybersecurity pros are no exception. In a newly released …

Malware peddlers hit Office users with old but reliable exploit
Emails delivering RTF files equipped with an exploit that requires no user interaction (except for opening the booby-trapped file) are hitting European users’ inboxes, …

Two-thirds of iOS apps don’t use App Transport Security
Most iOS apps don’t take advantage of App Transport Security (ATS), a networking security feature offered by Apple that ensures encrypted connections between apps and …

Critical Exim flaw exploitable locally and remotely, patch ASAP!
A critical vulnerability in Exim, the mail transfer agent (MTA) deployed on over half of all Internet-facing mail servers, may allow attackers to run commands as the …

Advancing transparency and accountability in the cybersecurity industry
NSS Labs, the Texas-based company that specializes in testing the world’s security products, has a new CEO. Jason Brvenik, the company’s CTO since early 2017, took over …

Apple debuts privacy-minded “Sign in with Apple” SSO
Among the many news shared during Apple’s annual developer conference there’s one that stands out: the introduction of “Sign in with Apple”. About the …

Nearly 12 million Quest Diagnostics patients affected by data breach
Quest Diagnostics, a US-based company that offers medical testing services, has announced that a third-party billing collections company they use has been hit by a data …

Hack The Sea: Bridging the gap between hackers and the maritime sector
There’s a not a lot of researchers probing the security of computer systems underpinning the maritime industry. The limitations that keep that number low are obvious: …

Chrome extension devs must drop deceptive installation tactics
After announcing its intention to limit third-party developers’ access to Chrome’s webRequest API, which is used by many ad-blocking extensions to filter out …

Siemens LOGO!, a PLC for small automation projects, open to attack
LOGO!, a programmable logic controller (PLC) manufactured by Siemens, sports three vulnerabilities that could allow remote attackers to reconfigure the device, access project …

Attackers are exploiting WordPress plugin flaw to inject malicious scripts
Attackers are leveraging an easily exploitable bug in the popular WP Live Chat Support plugin to inject a malicious JavaScript in vulnerable sites, Zscaler warns. The company …

G Suite to get Gmail confidential mode, on by default
Earlier this year, Google introduced Gmail confidential mode for both consumer and G Suite users. While the former were able to use it immediately, the latter depended on …
Featured news
Resources
Don't miss
- What a future without CVEs means for cyber defense
- What it really takes to build a resilient cyber program
- How cybercriminals exploit psychological triggers in social engineering attacks
- Key tips to stay safe from deepfake and AI threats
- UK retailers under cyber attack: Co-op member data compromised