Zeljka Zorz
Should you trust that Chrome extension? Use CRXcavator to decide
Duo Security has released CRXcavator, a tool that can help end users and enterprises make an informed decision about installing a specific Chrome extension. About CRXcavator …
Cisco fixes risky flaws in HyperFlex and Prime infrastructure
Cisco has released another batch of fixes for many of its products, including HyperFlex, Prime infrastructure, WebEx, and Firepower devices. Fixed HyperFlex bugs Five of the …
Highly critical Drupal RCE flaw could lead to new Drupalgeddon, patch now!
A new Drupalgeddon might be brewing: a highly critical vulnerability affecting all versions of the popular content management framework could allow hackers to take over …
500 million WinRAR users open to compromise via a 19-year-old flaw
A vulnerability affecting all versions of WinRAR, the popular file archiver utility for Windows, could be exploited by attackers to deliver malware via specially crafted ACE …
How are businesses facing the cybersecurity challenges of increasing cloud adoption?
Cloud services serve core functions essential to all aspects of business operations, but getting cloud security right is still a challenge for many organizations, the 2019 …
Phishers’ new trick for bypassing email URL filters
Phishers have come up with another trick to make Office documents carrying malicious links undetectable by many e-mail security services: they delete the links from the …
Rockwell Automation industrial energy meter vulnerable to public exploits
A low-skilled, remote attacker could use publicly available exploits to gain access to and mess with a power monitor by Rockwell Automation that is used by energy companies …
Flawed password managers allow malware to steal passwords from computer memory
The most widely used password managers sport fundamental vulnerabilities that could allow malware to steal the master password or other passwords stored by the software …
Detecting Trojan attacks against deep neural networks
A group of researchers with CSIRO’s Data61, the digital innovation arm of Australia’s national science agency, have been working on a system for run time detection of trojan …
IT security incidents affecting German critical infrastructure are on the rise
The number of IT security incidents reported by critical infrastructure companies in Germany has soared. In 2017, the German Federal Office for Security in Information …
Azure AD Identity Protection now revolves around risky users and risky sign-ins
Launched in September 2018, Microsoft Threat Protection (MTP) integrates a number of Microsoft services to provide a fully integrated, end-to-end solution for securing the …
Mozilla will use AI coding assistant to preemptively catch Firefox bugs
Mozilla will start using Clever-Commit, an AI coding assistant developed by Ubisoft, to make the Firefox code-writing process more efficient and to prevent the introduction of …
Featured news
Resources
Don't miss
- Attackers breached ConnectWise, compromised customer ScreenConnect instances
- Product showcase: Smarter pentest reporting and exposure management with PlexTrac
- CISO 3.0: Leading AI governance and security in the boardroom
- Review: Metasploit, 2nd Edition
- Security awareness training isn’t stopping breaches. Can AI help?