Zeljka Zorz

DDoS attacks knock Ukrainian government, bank websites offline
Unknown attackers have mounted disruptive distributed denial-of-service (DDoS) attacks against several Ukrainian government organizations and state-owned banks on Tuesday. The …

Kali Linux 2022.1 released: New tools, kali-linux-everything, visual changes
Offensive Security has released Kali Linux 2022.1, the latest version of its popular open source penetration testing platform. Visually refreshed and with improved usability …

Apple fixes actively exploited iOS, macOS zero-day (CVE-2022-22620)
Another month, another zero-day (CVE-2022-22620) exploited in the wild that has been fixed by Apple. About CVE-2022-22620 CVE-2022-22620 is a use after free issue in WebKit, …

Log4j exploitation risk is not as high as first thought, cyber MGA says
When the Log4Shell vulnerability (CVE-2021-44228) was publicly revealed in December 2021, CISA Director Jen Easterly said that it is the “most serious” vulnerability she has …

End of 2021 witnessed an explosion of RDP brute-force attacks
RDP brute-force attacks continue to be one of the most used attack vectors for breaching enterprise networks, ESET’s latest Threat Report has revealed. RDP brute-force …

A “light” February 2022 Patch Tuesday that should not be ignored
February 2022 Patch Tuesday is here and it’s all-around “light” – light in fixed CVE-numbered vulnerabilities (51), extremely light in critical fixes …

Disaster recovery is critical for business continuity
Business continuity (BC) and disaster recovery (DR) efforts go hand in hand in this digitized world of ours. The former is focused on maintaining business operations rolling …

Google announces threat detection for virtual machines in its cloud
Google is adding a new defensive layer to protect enterprise workloads running in Google Cloud. It’s called Virtual Machine Threat Detection (VMTD), and will help select …

Microsoft: Enterprise MFA adoption still low
While two-factor authentication usage in the consumer space is climbing quickly, enterprises are still straggling when it comes to using multi-factor authentication (MFA) to …

Phishing kits that bypass MFA protection are growing in popularity
The increased use of multi-factor authentication (MFA) has pushed developers of phishing kits to come up with ways to bypass that added account protection measure. A current …

Cisco plugs critical holes in small business routers
Cisco has patched 14 vulnerabilities affecting some of its Small Business RV Series routers, the worst of which may allow attackers to achieve unauthenticated remote code …

Samba bug may allow code execution as root on Linux machines, NAS devices (CVE-2021-44142)
A critical vulnerability (CVE-2021-44142) in Samba, a widely used open source implementation of the Server Message Block (SMB) networking protocol, could allow attackers to …