Zeljka Zorz
Vulnerabilities allow attackers to take over infusion pumps
Two vulnerabilities in Windows CE-powered Alaris Gateway Workstations (AWGs), which provide support for widely used infusion pumps, could allow remote attackers to disable the …
Ransomware disrupts worldwide production for Belgian aircraft parts maker
ASCO Industries, a manufacturer of aerospace components with headquarters in Zaventem, Belgium, has been hit with ransomware, which ended up disrupting its production around …
GDPR implementation lessons can help with CCPA compliance
The ever increasing number of data breaches has made consumers more aware of how their data is being used and has emphasized the importance of keeping personal data private, …
Researchers devise RAMBleed attack to grab secret data from memory
Researchers have demonstrated a new variation of the Rowhammer attack: dubbed RAMBleed, it may allow attackers to read data stored inside the computer’s physical memory. …
June 2019 Patch Tuesday: A little something for everybody
For June 2019 Patch Tuesday, Microsoft has fixed a whooping 88 CVE-numbered vulnerabilities, Adobe has plugged many critical security holes in ColdFusion and Flash Player, and …
US border agency contractor breached, license plate and travelers’ photos stolen
US Customs and Border Protection (CBP) announced that a hacker may have stolen sensitive data collected by the agency from a subcontractor’s network. “On May 31, …
How human bias impacts cybersecurity decision making
The human brain is a fantastic machine, but we’re all subject to cognitive bias and reasoning errors – and cybersecurity pros are no exception. In a newly released …
Malware peddlers hit Office users with old but reliable exploit
Emails delivering RTF files equipped with an exploit that requires no user interaction (except for opening the booby-trapped file) are hitting European users’ inboxes, …
Two-thirds of iOS apps don’t use App Transport Security
Most iOS apps don’t take advantage of App Transport Security (ATS), a networking security feature offered by Apple that ensures encrypted connections between apps and …
Critical Exim flaw exploitable locally and remotely, patch ASAP!
A critical vulnerability in Exim, the mail transfer agent (MTA) deployed on over half of all Internet-facing mail servers, may allow attackers to run commands as the …
Advancing transparency and accountability in the cybersecurity industry
NSS Labs, the Texas-based company that specializes in testing the world’s security products, has a new CEO. Jason Brvenik, the company’s CTO since early 2017, took over …
Apple debuts privacy-minded “Sign in with Apple” SSO
Among the many news shared during Apple’s annual developer conference there’s one that stands out: the introduction of “Sign in with Apple”. About the …