Zeljka Zorz
Apple fixes actively exploited iOS, macOS zero-day (CVE-2022-22620)
Another month, another zero-day (CVE-2022-22620) exploited in the wild that has been fixed by Apple. About CVE-2022-22620 CVE-2022-22620 is a use after free issue in WebKit, …
Log4j exploitation risk is not as high as first thought, cyber MGA says
When the Log4Shell vulnerability (CVE-2021-44228) was publicly revealed in December 2021, CISA Director Jen Easterly said that it is the “most serious” vulnerability she has …
End of 2021 witnessed an explosion of RDP brute-force attacks
RDP brute-force attacks continue to be one of the most used attack vectors for breaching enterprise networks, ESET’s latest Threat Report has revealed. RDP brute-force …
A “light” February 2022 Patch Tuesday that should not be ignored
February 2022 Patch Tuesday is here and it’s all-around “light” – light in fixed CVE-numbered vulnerabilities (51), extremely light in critical fixes …
Disaster recovery is critical for business continuity
Business continuity (BC) and disaster recovery (DR) efforts go hand in hand in this digitized world of ours. The former is focused on maintaining business operations rolling …
Google announces threat detection for virtual machines in its cloud
Google is adding a new defensive layer to protect enterprise workloads running in Google Cloud. It’s called Virtual Machine Threat Detection (VMTD), and will help select …
Microsoft: Enterprise MFA adoption still low
While two-factor authentication usage in the consumer space is climbing quickly, enterprises are still straggling when it comes to using multi-factor authentication (MFA) to …
Phishing kits that bypass MFA protection are growing in popularity
The increased use of multi-factor authentication (MFA) has pushed developers of phishing kits to come up with ways to bypass that added account protection measure. A current …
Cisco plugs critical holes in small business routers
Cisco has patched 14 vulnerabilities affecting some of its Small Business RV Series routers, the worst of which may allow attackers to achieve unauthenticated remote code …
Samba bug may allow code execution as root on Linux machines, NAS devices (CVE-2021-44142)
A critical vulnerability (CVE-2021-44142) in Samba, a widely used open source implementation of the Server Message Block (SMB) networking protocol, could allow attackers to …
Attackers connect rogue devices to organizations’ network with stolen Office 365 credentials
Attackers are trying out a new technique to widen the reach of their phishing campaigns: by using stolen Office 365 credentials, they try to connect rogue Windows devices to …
Malware resets Android devices after performing fraudulent wire transfers
If your Android phone initiates a factory reset out of the blue, there’s a chance it has been infected with the BRATA banking malware and you’ve just been ripped …
Featured news
Resources
Don't miss
- Shadow AI risk: Navigating the growing threat of ungoverned AI adoption
- CISA: Patch Samsung flaw exploited to deliver spyware (CVE-2025-21042)
- Attackers exploited another Gladinet Triofox zero-day (CVE-2025-12480)
- To get funding, CISOs are mastering the language of money
- CISOs are cracking under pressure