Zeljka Zorz

Apple fixes actively exploited vulnerabilities affecting older iDevices
Apple has released a security update for older iDevices (iPhones, iPads and iPods) to fix three vulnerabilities, two of which are zero-days that are apparently actively …

Cyber criminals are targeting digital artists
Cyber criminals looking for a quick payout and valuables are targeting digital artists using NFTs (non-fungible tokens), warns security researcher Bart Blaze. The attackers …

How a conference room speakerphone might let attackers into your company network
Several egregious vulnerabilities affecting the Stem Audio Table conference room speakerphone could be exploited by attackers to eavesdrop on what’s being discussed in …

Ransomware attackers are leveraging old SonicWall SRA flaw (CVE-2019-7481)
Since the beginning of the year, various cyber attackers leveraged a slew of zero-day vulnerabilities to compromise different SonicWall solutions. Crowdstrike now warns that a …

Ransomware has become a cost of doing business
It’s easy to see why ransomware aimed at businesses is such a cash cow for criminals: for every Norsk Hydro and Fujifilm that refuses to pay the ransom, there is a …

Can your MFA implementations stymie MFA bypass attacks?
Shay Nahari, Head of Red-Team services at CyberArk, says that they’ve been increasingly asked by customers to probe their multi-factor authentication (MFA) defenses, …

What happens to email accounts once credentials are compromised?
Agari researchers entered unique credentials belonging to fake personas into phishing sites posing as widely used enterprise applications, and waited to see what the phishers …

June 2021 Patch Tuesday: Microsoft fixes six actively exploited zero-days
On this June 2021 Patch Tuesday: Microsoft has fixed 50 security vulnerabilities, six of which are actively exploited zero-days Adobe has delivered security updates for …

Beware of “Ransomware system update” emails!
Emails referencing the Colonial Pipeline ransomware attack and looking like they’ve been sent from the corporate IT help desk have been hitting employees’ inboxes …

New Google tool reveals dependencies for open source projects
Google has been working on a new, experimental tool to help developers discover the dependencies of the open source packages/libraries they use and known security …

Data sharing in a smart city: Choosing the right approach
Smart cities should, ideally, work as a well-oiled clock, but we’re still far, far away from that. First of all, smart cities are still being built, one siloed segment …

White House urges private sector to enhance their ransomware defenses
In light of the ransomware attacks hitting high-profile targets such as the Colonial Pipeline and JBS, the White House has issued an open letter to private sector companies, …
Featured news
Resources
Don't miss
- How CISOs can talk cybersecurity so it makes sense to executives
- How OSINT supports financial crime investigations
- Review: Effective Vulnerability Management
- Vuls: Open-source agentless vulnerability scanner
- Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)