Zeljka Zorz
Veeam fixes critical RCEs in backup solution (CVE-2022-26500, CVE-2022-26501)
Veeam Software has patched two critical vulnerabilities (CVE-2022-26500, CVE-2022-26501) affecting its popular Veeam Backup & Replication solution, which could be …
Financially motivated threat actors willing to go after Russian targets
As Ukrainian organizations are getting hit with yet another data-wiping malware, financially motivated threat actors are choosing sides and some of them are expressing their …
Kali Linux on bare-metal gets snapshotting functionality
The Offensive Security team has released Kali Unkaputtbar, a new feature that allows Kali Linux installed on bare-metal to make system snapshots automatically, thus enabling …
War in Ukraine: What type of cyber attacks can we expect next?
The cyber activities related to the ongoing war in Ukraine have run the gamut from wiper malware hitting organizations and the border control in Ukraine, DDoS attacks aimed at …
March 2022 Patch Tuesday: Microsoft fixes RCEs in RDP client, Exchange Server
Microsoft marks March 2022 Patch Tuesday with patches for 71 CVE-numbered vulnerabilities, including three previously unknown “critical” ones and three …
Widely used UPS devices can be hijacked and destroyed remotely
Three vulnerabilities in ubiquitous APC Smart-UPS (uninterruptible power supply) devices could allow remote attackers to use them as an attack vector, disable or completely …
Easily exploitable Linux bug gives root access to attackers (CVE-2022-0847)
An easily exploitable vulnerability (CVE-2022-0847) in the Linux kernel can be used by local unprivileged users to gain root privileges on vulnerable systems by taking …
Mozilla fixes Firefox zero-days exploited in the wild (CVE-2022-26485, CVE-2022-26486)
Mozilla has released an out-of-band security update for Firefox, Firefox Focus, and Thunderbird, fixing two critical vulnerabilities (CVE-2022-26485, CVE-2022-26486) exploited …
How to empower IT Sec and Ops teams to anticipate and resolve IT problems
Every IT system administrator knows the misery of facing a problem for which the root cause requires hours (and sometimes days) to unearth, all the while part of the IT …
Take a dev-centric approach to cloud-native AppSec testing
The era of the cloud-native application is well and truly upon us: IDC researchers have predicted that by 2023, more that 500 million apps will be developed using cloud-native …
Cyber attacks on Ukraine: DDoS, new data wiper, cloned websites, and Cyclops Blink
This Thursday morning, Russia started its invasion on Ukraine and, as predicted, the attacks in the physical world have been preceded and accompanied by cyber attacks: Renewed …
Attackers use Microsoft Teams as launchpad for malware
Hackers are starting to realize that Microsoft Teams is a great means of spreading tentacles throughout an organization’s systems; since the start of the year, Avanan …