Zeljka Zorz
Mining malware evades agent-based cloud security solutions
Cloud infrastructures are a growing target for threat actors looking to mine cryptocurrency, as their vast computational power allows them to multiply the mining …
773 million records exposed in massive data breach
Someone has compiled a massive collection of email addresses and plain text passwords, apparently from 2000+ hacked databases, and has made the trove freely available for …
Compromised ad company serves Magecart skimming code to hundreds of websites
Security researchers have flagged a new web-based supply chain attack by one of the cybercriminal groups that fall under the Magecart umbrella. The attackers managed to …
Researcher releases PoC for Windows VCF file RCE vulnerability
A vulnerability that exists in the way Windows processes VCard files (.vcf) can be exploited by remote attackers to achieve execute arbitrary code on vulnerable systems, …
BEC scammers add payroll diversion to their repertoire
All the attention the most typical BEC scams have been receiving in the last few years must have affected their effectiveness and forced scammers to come up with new ways for …
Widely used building access system can be easily compromised
A researcher has discovered several egregious vulnerabilities in the PremiSys IDenticard building access management system, some of which could allow attackers to take control …
Hack a Tesla Model 3, get cash and the car
For this year’s edition of the Pwn2Own hacking contest at CanSecWest, Trend Micro’s Zero Day Initiative has announced a new target category: Automotive. So, aside from …
A new taxonomy for SCADA attacks
Attacks aimed at SCADA networks are still much rarer than those targeting IT networks, but the number is slowly rising. And, according to Radiflow CTO Yehonatan Kfir, …
Criminals wielding Ryuk ransomware specialize in targeting enterprises
A cybercriminal group dubbed Grim Spider has been using the Ryuk ransomware to exclusively target enterprises and has managed to amass over 705 Bitcoins (around $3.7 million) …
Hackers who DDoSed African telecom and US hospital get long prison sentences
Two men who launched DDoS attacks against a variety of targets have received substantial prison sentences on Friday. Attacks against Liberian telecom 30-year-old Daniel Kaye …
Juniper releases barrage of security fixes for security, networking devices
Juniper Networks has released patches for vulnerabilities affecting its networking and security devices running Junos OS, as well as a bucketload of security flaws in the …
Cisco fixes serious DoS flaws in its email security appliances
Cisco has plugged a heap of security holes in many of its products, including two vulnerabilities (one critical) that open its email security appliances to denial of service …