Zeljka Zorz
Huge database found leaking biometric, personal info of millions
While working on a web-mapping project, vpnMentor researchers Noam Rotem and Ran Locar discovered a publicly accessible database containing fingerprint records of over 1 …
August 2019 Patch Tuesday: Microsoft plugs critical wormable RDP holes
It’s that time of the month again: Microsoft, Adobe and Intel have pushed out fixes for a bucketload of security issues in their various software. Microsoft’s …
Researchers discover 40+ insecure drivers for Windows
Spurred by several past instances of attackers abusing device drivers to install a kernel rootkit or malicious firmware implants, Eclypsium researchers have decided to probe …
Pitfalls to avoid when improving your software development skills
The dizzying pace of technological change makes knowledge acquisition and skill development a very big deal in the IT and IT security industry. Luckily, the opportunities for …
Apple expands bug bounty program, opens it to all researchers, raises rewards
Three years ago at the Black Hat conference, Apple announced its first bug bounty program, which was invite-only and limited to iOS. At this year’s edition of the con, …
AttackSurfaceMapper automates the reconnaissance process
AttackSurfaceMapper, a new open source OSINT tool created by Andreas Georgiou and Jacob Wilkin, security consultants at Trustwave SpiderLabs, automates the process of …
Warshipping: Attackers can access corporate networks through the mailroom
Most infosecurity professionals have heard of wardialing and wardriving, but what about warshipping? The expression has been coined by IBM X-Force Red researchers to describe …
Critical holes plugged in Cisco 220 Series smart switches
Cisco has fixed three vulnerabilities in its Cisco 220 Series smart switches and is urging owners to upgrade their firmware as soon as possible. Among these are two critical …
SWAPGS Attack: A new Spectre haunts machines with Intel CPUs
Bitdefender researchers have uncovered yet another viable speculative execution side-channel attack that can be leveraged against Intel CPUs and the computers running on them. …
Digital bank Monzo urges customers to change PINs following security breach
Monzo, a UK-based mobile-only bank, has notified a subset of its users that their PINs have been inadvertently leaked into internal log files and were accessible to some of …
Microsoft sets up isolated environment for bug hunters to test attacks against Azure
Microsoft has some very good news for bug hunters: not only has the company doubled the top bounty reward for vulnerabilities discovered in its Azure cloud computing service, …
US utilities targeted with spear-phishing emails impersonating engineering licensing board
If you worked in a US company in the utilities sector and received an email notification telling you that you’ve failed your “Fundamentals of Engineering” …
Featured news
Resources
Don't miss
- Okta users under attack: Modern phishing kits are turbocharging vishing attacks
- One-time SMS links that never expire can expose personal data for years
- More employees get AI tools, fewer rely on them at work
- Energy sector orgs targeted with AiTM phishing campaign
- Exposed training apps are showing up in active cloud attacks