Zeljka Zorz
Apple fixes macOS zero-day exploited by malware (CVE-2021-30713)
A zero-day vulnerability (CVE-2021-30713) that allowed XCSSET malware to surreptitiously take screenshots of the victim’s desktop has been fixed by Apple on macOS 11.4 …
Happy birthday GDPR: IoT impact and practical tips for compliance
With the GDPR now in its third year, compliance with the EU data privacy regulation is still a significant issue for organizations to tackle, especially especially when it …
Fake Amazon order emails lead to vishing
Fraudsters are sending out fake Amazon order emails and tricking online shoppers into calling a telephone number manned by them to steal the shoppers’ credit card …
Detecting attackers obfuscating their IP address inside AWS
Security researchers have documented an attack technique that may allow attackers to leverage a legitimate Amazon VPC feature to mask their use of stolen API credentials …
RaaS gangs go “private” after stirring a hornet’s nest
After a decade or so of ransomware attacks against sometimes very prominent targets, the recent Colonial Pipeline ransomware attack by the Darkside gang has been the …
Vulnerability in popular browsers could be used to track, profile users online
A vulnerability affecting desktop versions of four popular web browsers could be exploited by advertisers, malicious actors, and other third parties to track and profile users …
Sophos XDR: Threat hunting through the entire security ecosystem
Almost a decade ago, ransomware started becoming a prominent consumer problem, locking computers and threatening users with fines and jail time for supposedly downloading …
Phishers using Zix to “legitimize” emails in the eyes of Office 365 users
UPDATE: May 19, 2021 – 03:10 AM ET Mirko Zorz, Editor in Chief, Help Net Security The page you are on used to contain a news item based on research from Abnormal …
May 2021 Patch Tuesday: Adobe fixes exploited Reader 0-day, Microsoft patches 55 holes
On this May 2021 Patch Tuesday: Adobe has fixed a Reader flaw exploited in attacks in the wild, as well as delivered security updates for eleven other products, including …
Counterfit: Open-source tool for testing the security of AI systems
After developing a tool for testing the security of its own AI systems and assessing them for vulnerabilities, Microsoft has decided to open-source it to help organizations …
21 vulnerabilities found in Exim, update your instances ASAP!
A code audit of Exim, a widely used mail transfer agent, has revealed 21 previously unknown vulnerabilities, some of which can be chained together to achieve unauthenticated …
Apple fixes four zero-days under attack
A week after Apple patched a macOS zero-day exploited by Shlayer malware for months for months, the company has released new security updates for macOS, iOS, iPadOS and watch …