Zeljka Zorz
Word documents seemingly carrying videos can deliver malicious code instead
A feature that allows anyone to embed a video directly in a Word document can be easily misused to trick target users into downloading and running malware, Cymulate …
Windows Defender can now run inside a sandbox
Microsoft has made it possible for Windows Defender Antivirus to be run within a sandbox, a restrictive environment that separates the AV’s processes from those of the …
Phishing attacks becoming more targeted, phishers love Microsoft the most
Microsoft remains ensconced on the top of the list of brands impersonated by phishers in North America, Vade Secure has revealed. Phishers’ favorite targets The company …
Serverless botnets could soon become reality
We have been accustomed to think about botnets as a network of compromised machines – personal devices, IoT devices, servers – waiting for their masters’ …
Repairnator bot finds software bugs, successfully submits patches
Can a bot create valid, high-quality fixes for software bugs more rapidly than a human can, and get them accepted by human developers and permanently merged in the code base? …
Safeguarding hybrid-cloud infrastructures through identity privilege management
Most enterprises have embraced the advantages a cloud infrastructure can bring to their computing, storage, network or other needs, and many are juggling multiple cloud …
VestaCP users warned about possible server compromise
Unknown attackers have compromised the official distribution of the VestaCP hosting control panel solution to harvest server IPs and admin credentials. That information was …
Vulnerable controllers could allow attackers to manipulate marine diesel engines
Researchers have found several authentication and encryption vulnerabilities in the firmware of marine diesel engine controllers by Norwegian company Auto-Maskin, as well as …
Solving the cloud infrastructure misconfiguration problem
Security incidents involving cloud infrastructure have become a regular occurrence since many organizations began shifting their assets to the cloud. Many of these incidents …
Oracle CPU October 2018: 301 vulnerabilities patched
Oracle has released its Critical Patch Update for October 2018, fixing 301 vulnerabilities across a wide range of its products, including Oracle Database Server, Oracle …
Endpoint security solutions challenged by zero-day and fileless attacks
There is an endpoint protection gap against modern threats, the result of a recent survey by the Ponemon Institute and Barkly have shown. The organizations polled 660 IT and …
2018 US voter records offered for sale on hacking forum
Somebody is selling US voter registration databases on an English-language speaking dark web hacker forum and the offer comes with the promise they will be updated every week, …
Featured news
Resources
Don't miss
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)
- RIFT: New open-source tool from Microsoft helps analyze Rust malware