Zeljka Zorz

PoC exploit for Carpe Diem Apache bug released
Charles Fol, the security engineer that unearthed the Carpe Diem Apache HTTP Server bug (CVE-2019-0211), has released an exploit for it. “This is between a POC and a …

Is your organization getting physical security right?
For most organizations (and especially for tech companies), the physical security of data centers and headquarters is of the utmost importance. As Tim Roberts, a senior …

FileTSAR: Free digital forensic investigations toolkit for law enforcement
Purdue University cybersecurity experts have created FileTSAR, an all-in-one digital forensic investigations toolkit for law enforcement. About FileTSAR FileTSAR, which stands …

Magento sites under attack through easily exploitable SQLi flaw
A recently patched SQL injection flaw affecting the popular open-source e-commerce platform Magento is being actively exploited by attackers, so if you haven’t …

Consumer routers targeted by DNS hijacking attackers
Owners of a slew of D-Link, ARGtek, DSLink, Secutech, TOTOLINK and Cisco consumer routers are urged to update their device’s firmware, lest they fall prey to ongoing DNS …

Microsoft rolls out new security capabilities for Azure customers
Microsoft has announced new security features for customers of its Azure cloud computing service. They are a mix of features for storage and compute services: Advanced Threat …

Patched Apache flaw is a serious threat for web hosting providers
Organizations running Apache web servers are urged to implement the latest security update to fix a serious privilege escalation flaw (CVE-2019-0211) that can be triggered via …

Georgia Tech data breach: 1.3M students and staff potentially affected
The Georgia Institute of Technology, commonly referred to as Georgia Tech, has suffered yet another data breach. This time, the number of affected individuals may have reached …

To DevSecOps or not to DevSecOps?
Would your organization benefit from introducing DevSecOps? Dan Cornell, CTO of application security company Denim Group, believes that most organizations would. With one …

Digital transformation goes hand-in-hand with Zero Trust security
Forward-looking organizations are investing in Zero Trust security and strong MFA, modern app development, IaaS, and digital transformation, a recently released Okta report …

A LockerGoga primer and decrypters for Mira and Aurora ransomwares
There’s some good news for victims of the Mira and Aurora ransomwares: free decrypters have been made available. New decrypters F-Secure has released a decrypter for …

Microsoft adds tamper protection to Microsoft Defender ATP
Microsoft has added a new tamper protection feature to Microsoft Defender ATP (formerly Windows Defender ATP) antimalware solution. When turned on, it should prevent malicious …