Zeljka Zorz
VMware patches critical vRealize Operations flaws that could lead to RCE
Two vulnerabilities (CVE-2021-21975, CVE-2021-21983) recently patched by VMware in its vRealize Operations platform can be chained together to achieve unauthenticated remote …
DDoS attacks in 2021: What to expect?
We’re only three months into 2021, and Akamai has mitigated 3 out of the 6 largest DDoS attacks they have ever witnessed. Two of these hit the same company on the same …
Cloud security experts wanted: You can be one of them
A recent study from Boston Consulting Group and analytics firm Faethm has attempted to predict how digitization and technology will upend labor markets in Australia, Germany, …
Attackers tried to insert backdoor into PHP source code
The PHP development team has averted an attempted supply chain compromise that could have opened a backdoor into many web servers. What happened? “[On Sunday, March 28] …
Microsoft offers rewards for security bugs in Microsoft Teams
Microsoft is starting a new Applications Bounty Program, and the first application that they want researchers to find bugs in is Microsoft Teams, its popular business …
Phishers’ perfect targets: Employees getting back to the office
Phishers have been exploiting people’s fear and curiosity regarding breakthroughs and general news related to the COVID-19 pandemic from the very start, and will …
iOS app developers targeted with trojanized Xcode project
“We recently became aware of a trojanized Xcode project in the wild targeting iOS developers thanks to a tip from an anonymous researcher. The malicious project is a …
Automatically mitigate ProxyLogon, detect IoCs associated with SolarWinds attackers’ activities
Microsoft has updated its Defender Antivirus to mitigate the ProxyLogon flaw on vulnerable Exchange Servers automatically, while the Cybersecurity and Infrastructure Security …
Ongoing Office 365-themed phishing campaign targets executives, assistants, financial departments
A sophisticated and highly targeted Microsoft Office 365 phishing campaign is being aimed at C-suite executives, executive assistants and financial departments across numerous …
With data volumes and velocity multiplying, how do you choose the right data security solution?
There is no doubt that the COVID-19 pandemic has caused radical changes in our personal and working lives. The sudden and massive surge of employees working from home and the …
Microsoft releases one-click Exchange On-Premises Mitigation Tool
Microsoft has released Exchange On-Premises Mitigation Tool (EOMT), which quickly performs the initial steps for mitigating the ProxyLogon flaw (CVE-2021-26855) on any …
As attacks on Exchange servers escalate, Microsoft investigates potential PoC exploit leak
Microsoft Exchange servers around the world are still getting compromised via the ProxyLogon (CVE-2021-26855) and three other vulnerabilities patched by Microsoft in early …
Featured news
Resources
Don't miss
- How CISOs can talk cybersecurity so it makes sense to executives
- How OSINT supports financial crime investigations
- Review: Effective Vulnerability Management
- Vuls: Open-source agentless vulnerability scanner
- Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)