Zeljka Zorz
To encrypt or to destroy? Ransomware affiliates plan to try the latter
Ransomware gangs are planning on trying out a new tactic, and it involves the destruction of the victims’ data. Targeting the data Researchers from Symantec, Cyderes and …
RCE in Sophos Firewall is being exploited in the wild (CVE-2022-3236)
Sophos has patched an actively exploited remote code execution vulnerability (CVE-2022-3236) in its Firewall solutions, and has pushed the fix to customers who have automatic …
Critical ManageEngine RCE flaw is being exploited (CVE-2022-35405)
The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2022-35405, a critical remote code execution vulnerability in ManageEngine PAM360, Password …
US to award $1B to state, local, and territorial governments to improve cyber resilience
The US government will award $1 billion in grants to help state, local, and territorial (SLT) governments address cybersecurity risks, strengthen the cybersecurity of their …
Revolut data breach: 50,000+ users affected
Revolut, the fintech company behing the popular banking app of the same name, has suffered a data breach, which has been followed by phishing attacks aimed at taking advantage …
Uber says Lapsus$ gang is behind the recent breach
Uber has confirmed that the recent breach of its systems started with a compromised account belonging to a contractor. “It is likely that the attacker purchased the …
GTA 6 in-development footage leaked
American video game publisher Rockstar Games has suffered an unfortunate data leak: someone has released online in-development footage/videos for Grand Theft Auto (GTA) 6, the …
Uber hacked, attacker tears through the company’s systems
Uber has been hacked, again – this time by an 18-year-old (allegedly). According to The New York Times, the breach happened on Thursday. The hacker claims to have gotten …
US government software suppliers must attest their solutions are secure
The Office of Management and Budget (OMB) has issued a memo requiring US federal government agencies to use software that has been built according to secure software …
Attackers mount Magento supply chain attack by compromising FishPig extensions
FishPig, a UK-based company developing extensions for the popular Magento open-source e-commerce platform, has announced that its paid software offerings have been injected …
Phishers take aim at Facebook page owners
Phishers are looking to trick owners of Facebook pages with fake notices from the social network (i.e., Meta, the company behind Facebook, Instagram and WhatsApp), in an …
Microsoft fixes exploited zero-day in the Windows CLFS Driver (CVE-2022-37969)
September 2022 Patch Tuesday is here, with fixes for 64 CVE-numbered vulnerabilities in various Microsoft products, including one zero-day (CVE-2022-37969) exploited by …
Featured news
Resources
Don't miss
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)
- RIFT: New open-source tool from Microsoft helps analyze Rust malware