Zeljka Zorz
Apache Solr RCEs with public PoCs could soon be exploited
Two remote code execution (RCE) vulnerabilities in Apache Solr could be exploited by attackers to compromise the underlying server. One – CVE-2019-12409 – has …
Preventing insider threats, data loss and damage through zero trust
With the proliferation of mobile devices and BYOD, ubiquitous and always available internet connectivity and the widespread use of private, public and hybrid cloud solutions, …
Google ups bug bounties for Android flaws, exploits
Google has expanded the Android Security Rewards (ASR) program and increased the bug bounties it’s willing to award for certain kinds of exploits. About the Android …
Twitter finally allows users to delete their phone number without disabling 2FA
Twitter users can finally delete their mobile phone number from their account while still being able to use 2FA to additionally secure it. The move comes after too many …
Google introduces new G Suite security options
Google has introduced new security options for G Suite customers, including Advanced Protection for enterprise users and access control for apps accessing G Suite data. …
Monero Project site compromised, served malware-infected binaries
The official website of the Monero Project has been compromised to serve a malware-infected version of the CLI (command-line interface) wallet. The malicious file was …
Android camera apps could be hijacked to spy on users
A vulnerability in the Google Camera app may have allowed attackers to surreptitiously take pictures and record videos even if the phone is locked or the screen is off, …
Macy’s online store compromised in Magecart-style attack
The webshop of noted U.S. department store company Macy’s has been compromised and equipped with an information-stealing JavaScript, which ended up collecting …
WhatsApp RCE flaw can be exploited by sending malicious MP4 files
Facebook has patched a critical vulnerability (CVE-2019-11931) affecting various versions of its popular WhatsApp Messenger app and is urging users to update as soon as …
Most Americans feel powerless to prevent data collection, online tracking
Most U.S. adults say that the potential risks they face because of data collection by companies (81%) and the government (66%) outweigh the benefits, but most (>80%) feel that …
Hackers helping communities: Leveraging OSINT to find missing persons
People, in general, like helping other people, no matter their degree of connection. And then there are people who go even further: they find a way to help people help people. …
GitHub Security Lab aims to make open source software more secure
GitHub, the world’s largest open source code repository and leading software development platform, has launched GitHub Security Lab. “Our team will lead by …