Zeljka Zorz, Author at Help Net Security

Zeljka Zorz

Attackers are bypassing F5 BIG-IP RCE mitigation – you might want to patch after all

July 8, 2020

Attackers are bypassing a mitigation for the BIG-IP TMUI RCE vulnerability (CVE-2020-5902) originally provided by F5 Networks, NCC Group’s Research and Intelligence …

Better cybersecurity hinges on understanding actual risks and addressing the right problems

July 7, 2020

SANS Technology Institute’s Internet Storm Center (ISC) has been a valuable warning service and source of critical cyber threat information to internet users, …

Attackers are breaching F5 BIG-IP devices, check whether you’ve been hit

July 6, 2020

Attackers are actively trying to exploit CVE-2020-5902, a critical vulnerability affecting F5 Networks‘ BIG-IP multi-purpose networking devices, to install coin-miners, …

Microsoft fixes two RCE flaws affecting Windows 10 machines

July 2, 2020

Microsoft has released fixes for two remote code execution (RCE) vulnerabilities in the Microsoft Windows Codecs Library on Windows 10 machines. The vulnerabilities Both flaws …

New EvilQuest macOS ransomware is a smokescreen for other threats

July 1, 2020

A new piece of ransomware dubbed EvilQuest (aka ThiefQuest) is being delivered bundled up with pirated versions of popular macOS software, researchers warned. But the …

Fake “DNS Update” emails targeting site owners and admins

June 30, 2020

Attackers are trying to trick web administrators into sharing their admin account login credentials by urging them to activate DNSSEC for their domain. Scam emails lead to …

Critical flaw opens Palo Alto Networks firewalls and VPN appliances to attack, patch ASAP!

June 30, 2020

Palo Alto Networks has patched a critical and easily exploitable vulnerability (CVE-2020-2021) affecting PAN-OS, the custom operating system running on its next generation …

Magento 1 reaches EOL: Merchants urged to upgrade or risk breaches, falling out of PCI DSS compliance

June 29, 2020

When Adobe released security updates for Magento last week, it warned that the Magento 1.x branch is reaching end-of-life (EOL) and support (EOS) on June 30, 2020, and that …

Cybercriminals are using IM platforms as marketplaces

June 26, 2020

Cybercriminals are increasingly using IM platforms like Telegram, Discord, Jabber, WhatsApp, IRC and others to advertise and sell their goods and services, IntSight …

How attackers target and exploit Microsoft Exchange servers

June 25, 2020

Microsoft Exchange servers are an ideal target for attackers looking to burrow into enterprise networks, says Microsoft, as “they provide a unique environment that could …

Microsoft releases Defender ATP for Android and Linux

June 24, 2020

Microsoft has added support for Linux and Android to Microsoft Defender ATP, its unified enterprise endpoint security platform. Microsoft Defender Advanced Threat Protection …

How to establish a threat intelligence program

June 24, 2020

Instituting an in-house cyber threat intelligence (CTI) program as part of the larger cybersecurity efforts can bring about many positive outcomes: The organization may …