Zeljka Zorz
![info-stealer](https://img.helpnetsecurity.com/wp-content/uploads/2024/07/16120625/info-stealer-400x200.webp)
SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
Malicious Google ads are a well known threat, but malvertising can also be found on other popular online destinations such as Facebook, LinkedIn, and YouTube. Case in point: …
![email](https://img.helpnetsecurity.com/wp-content/uploads/2024/03/25130053/email-2-1500-400x200.webp)
Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)
The maintainers of the Exim mail transfer agent (MTA) have fixed a critical vulnerability (CVE-2024-39929) that currently affects around 1.5 million public-facing servers and …
![AT&T](https://img.helpnetsecurity.com/wp-content/uploads/2024/03/31150800/att-1500-400x200.webp)
Hackers stole call, text records of “nearly all” of AT&T’s cellular customers
Hackers leveraging stolen Snowflake account credentials have stolen records of calls and texts made by “nearly all” of AT&T’s cellular customers from May to …
![Snowflake](https://img.helpnetsecurity.com/wp-content/uploads/2024/06/01214043/snowflake-4-1500-400x200.webp)
Info of 2,3+ million individuals stolen in Advance Auto Parts data breach
Personal information of over 2,3 million individuals has been stolen by attackers as part of the massive data grab via compromised Snowflake accounts without MFA protection, …
![Authy](https://img.helpnetsecurity.com/wp-content/uploads/2024/07/11143217/twilio-authy-1500-400x200.webp)
Using Authy? Beware of impending phishing attempts
Do you use Authy for your multi-factor authentication needs? If you do, you should keep an eye out for phishing attempts, as well as implement defenses against SIM swapping …
![X](https://img.helpnetsecurity.com/wp-content/uploads/2024/07/10171257/x-twitter-1500-400x200.webp)
How AI-powered software spreads Russian disinformation on X
The US Justice Department (DoJ) has seized two US-based domains used by Russian threat actors to create fake profiles on X (formerly Twitter) that would spread disinformation …
![zero day](https://img.helpnetsecurity.com/wp-content/uploads/2024/07/10142903/zero_day-1-1500-400x200.webp)
Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112)
CVE-2024-38112, a spoofing vulnerability in Windows MSHTML Platform for which Microsoft has released a fix on Tuesday, has likely been exploited by attackers in the wild for …
![Google Advanced Protection Program](https://img.helpnetsecurity.com/wp-content/uploads/2024/07/10125447/google_advanced_protection_program-400x200.webp)
Google removes enrollment barrier for prospective Advanced Protection Program users
Google has removed a potential obstacle for high-risk users who want to enroll in the company’s Advanced Protection Program (APP): they can now do it just by setting a …
![Patch Tuesday](https://img.helpnetsecurity.com/wp-content/uploads/2024/07/07160340/patch_tuesday-2024-2-400x200.webp)
Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112)
For July 2024 Patch Tuesday, Microsoft has released security updates and patches that fix 142 CVEs, including two exploited zero-days (CVE-2024-38080, CVE-2024-38112) in …
![China](https://img.helpnetsecurity.com/wp-content/uploads/2024/07/09132937/china-400x200.webp)
Chinese APT40 group swifly leverages public PoC exploits
Chinese state-sponsored cyber group APT40 is amazingly fast at adapting public proof-of-concept (PoC) exploits for vulnerabilities in widely used software, an advisory …
![TeamViewer](https://img.helpnetsecurity.com/wp-content/uploads/2020/08/06114535/teamviewer-logo-blue-400x200.jpg)
TeamViewer: Network segmentation hobbled Midnight Blizzard’s attack
TeamViewer, the company developing the popular remote access/control software with the same name, has finished the investigation into the breach it detected in late June 2024, …
![decryption tool](https://img.helpnetsecurity.com/wp-content/uploads/2023/09/01113631/decryption-tool-400x200.jpg)
Decryptor for DoNex, Muse, DarkRace, (fake) LockBit 3.0 ransomware released
A cryptographic weakness in the DoNex ransomware and its previous incarnations – Muse, fake LockBit 3.0, and DarkRace – has allowed Avast researchers to create a …
Featured news
Sponsored
Don't miss
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
- Learning from CrowdStrike’s quality assurance failures
- BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements
- How CISOs enable ITDR approach through the principle of least privilege