Zeljka Zorz

@zeljkazorz@infosec.exchange
413 Followers
188 Following
752 Posts

Editor-in-Chief of Help Net Security.

I use this account for work and privately.

Work-related interests: Anything and everything to do with information security and related topics.

Personal interests: As above, + hiking, painting/art, development and use of language, human psychology, gardening and plant ecology... Always open to picking up new ones and often falling down internet rabbit holes.

Help Net Securityhttps://www.helpnetsecurity.com/author/zeljkazorz/
LinkedInhttps://www.linkedin.com/in/zeljka-zorz-ba0065242/
Zeljka Zorz1d ago

A recently patched directory traversal vulnerability (CVE-2025-6218) in WinRAR could be leveraged by remote attackers to execute arbitrary code on affected installations.

https://www.helpnetsecurity.com/2025/06/24/high-risk-winrar-rce-flaw-patched-update-quickly-cve-2025-6218/

#WinRAR #Cybersecurity #Vulnerability

High-risk WinRAR RCE vulnerability patched, update quickly! (CVE-2025-6218) - Help Net Security

A recently patched directory traversal vulnerability (CVE-2025-6218) in WinRAR could be leveraged by attackers to execute arbitrary code.

Help Net Security
Zeljka Zorz5d ago
Show threadKevin Beaumont5d ago

I found an interesting Microsoft Recall issue with the latest version - Recall is enabled on my PC, but the tray icon (bottom right) saying it is running is missing.

Edit: after a reboot, it's back. I'll keep an eye on it. After the latest Windows Update the UI wasn't visible, but it was still recording.

Zeljka Zorz5d ago

https://www.helpnetsecurity.com/2025/06/19/gps-tracker-detection/

#Privacy

GPS tracker detection made easy with off-the-shelf hardware - Help Net Security

This article explores a low-cost GPS tracker detection method, helping security pros uncover hidden surveillance devices in vehicles.

Help Net Security
Zeljka Zorz6d ago
#Everything
Zeljka ZorzJun 12
Zeljka ZorzMar 20, 2024

Sometimes it needs to be presented just like this.

(From a report submitted by the Victoria Police (AU) to the Commonwealth Parliamentary Joint Committee Inquiry into law enforcement's capability to respond to cybercrime.)

Link to the report:
https://www.aph.gov.au/DocumentStore.ashx?id=ab2821cf-4ad7-4a77-8633-455a6b0eb5bd&subId=753218

#Cybercrime #Cybersecurity

Zeljka ZorzJun 11

ConnectWise is rotating code signing certificates. What happened?

https://www.helpnetsecurity.com/2025/06/11/connectwise-is-rotating-code-signing-certificates-what-happened/

#Cybersecurity #Connectwise

Connectwise is rotating code signing certificates. What happened? - Help Net Security

Connectwise is updating the digital signing certificates used in ScreenConnect, Automate, ConnectWise RMM due to security concerns.

Help Net Security
Show threadZeljka ZorzJun 10
#ClassicalKebab
Zeljka ZorzJun 10
Passing the Colloseum, the sunset in the harbour, going to a classical concert in the old Roman amphitheatre, and having to go into a porta potty 🙃 #MediterraneanSummer
Zeljka ZorzJun 10

What are some common mistakes legal teams make in the first 72 hours of a breach?

https://www.helpnetsecurity.com/2025/06/10/iva-miskovic-law-firm-cyber-legal-stategy/

#Breach #Cybersecurity

The legal questions to ask when your systems go dark - Help Net Security

Learn why legal strategy and tech understanding are key for lawyers supporting CISOs during cyber incidents.

Help Net Security
Zeljka ZorzJun 6
qurlyjoeJun 4
Besides watermelon, there should be windmelon, firemelon and earthmelon - the four elemelons.
×
Show threadKevin Beaumont5d ago

I found an interesting Microsoft Recall issue with the latest version - Recall is enabled on my PC, but the tray icon (bottom right) saying it is running is missing.

Edit: after a reboot, it's back. I'll keep an eye on it. After the latest Windows Update the UI wasn't visible, but it was still recording.

Show threadXavier «X» Santolaria  5d ago
@GossiTheDog That's called spyware 
Show threadPhilip Bragg5d ago
@GossiTheDog Tray icons being tray icons! Forever flaky.
Show threadDusk To Don 5d ago

@GossiTheDog Curious why you’re leaving Microsoft Recall enabled?

I’m still trying to figure out the intended use case.

“Hey copilot, what was the plot of last night’s pornography?”

Show threadFuse Views4d ago

@dusk

The 'use case' of Recall and Copilot is to change user behaviour.

By encouraging users to become more reliant on MS to perform basic tasks, users will lose the ability (the skills) to perform those tasks.

For example, try using the MS Outlook client on iOS or Android to review an email's headers. (MS removed that capability a long time ago.)

The ultimate aim of MS is to have as many people as possible change to a 'subscription' model where users have *zero* access to the OS or any installed app's code.

All systems will require internet access to boot up, with possible exceptions being 'Pro' or 'Enterprise' versions for use by companies in the field.

Local storage memory will be controlled by MS, and may eventually form a 'distributed' cloud.

Therefore, the 'use case' of Recall and Copilot is to benefit MS and NOT the people who use it.

@GossiTheDog

Show threadfuzzyfuzzyfungus4d ago
@GossiTheDog Active recall seems like something that really deserves an alert more along the lines of the "Activate Windows" message that gets superimposed on top of everything than just a traybar item; but I suspect that there's not much internal appetite for making it so visibly alarming.
Show threadSterling4d ago

@GossiTheDog

*Highly* recommended.
It is *amazing* what this utility can do.

https://christitus.com/winutil-install/

The Most Popular Windows Utility

Having Fun with Technology