Zeljka Zorz
Unsecured Gearbest server exposes millions of shoppers and their orders
Chinese e-commerce giant Gearbest has exposed information and orders of millions of its customers through an unsecured Elasticsearch server, security researcher Noam Rotem and …
Two thirds of Android antimalware apps are ineffective or unreliable
Choosing an effective Android antimalware app is a shot in the dark for many users and they may end up in more danger of malicious apps, not less. In fact, as the results of …
Public-interest technology: Why companies should get involved
“For the last 15 or 20 years, anything Silicon Valley companies did was seemingly in the public interest, and society has encouraged that view until quite …
Mozilla releases Firefox Send, a free encrypted file transfer service
Mozilla has released the finalized version of Firefox Send, its free encrypted file transfer service that allows users to share files from any browser. With Send, users can …
March 2019 Patch Tuesday: Microsoft patches two actively exploited Windows flaws
As part of the March 2019 Patch Tuesday, Microsoft has released fixes for 64 CVE-numbered vulnerabilities, 17 of which are rated Critical and 45 Important. Interestingly …
Marriott CEO reveals more details about the massive data breach
Last Thursday, Equifax CEO Mark Begor and Arne Sorenson, the CEO of Marriott International, appeared before a US Senate subcommittee to testify about the massive data breaches …
Is your company leaking sensitive data via its Box account?
Companies that use Box for sharing files and folders inside and outside the company are inadvertently leaving sensitive corporate and customer data exposed, cybersecurity firm …
Free decrypters for BigBobRoss ransomware released
Here’s some good news for users whose files have been encrypted by the BigBobRoss ransomware: both Avast and Emsisoft have released decrypters. How do you know that …
Researchers create system that predicts vulnerability severity from tweets
To what extent do users’ opinions about threat severity expressed online align with expert judgments and can these opinions provide an early indicator to help prioritize …
Zero-day Chrome/Windows combo actively exploited in the wild
We now know why a number of Googlers made a point to urge users to implement the latest Chrome update as soon as possible: the vulnerability (CVE-2019-5786) is definitely …
Windows Servers in danger of being compromised via WDS bug
Checkpoint has released more details about CVE-2018-8476, a critical remote code execution vulnerability affecting all Windows Servers since 2008 SP2. The bug was responsibly …
Users of Cisco switches, security appliances need to get patching
Administrators of Cisco switches, firewalls, and security appliances are advised to take a look at the latest collection of security advisories published by the company, as …
Featured news
Resources
Don't miss
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)