Zeljka Zorz
Facebook data breach: Victims will not be offered free identity theft protection
Facebook announced that the recent data breach it has suffered is a little less massive than initially thought: “only” 30 million users have been affected. But, …
Hackers steal Pentagon personnel’s PI and credit card data
The U.S. Department of Defense confirmed on Friday that personal information and credit card data of some 30,000 U.S. military and civilian personnel has been compromised in a …
Fake Flash updaters deliver cryptominers AND update Flash
Cryptominers have dethroned ransomware as the top malware threat and cybercriminals are coming up with new ways to keep the mining activity secret from the victims. One of …
PoC exploit for Windows Shell RCE released
Here’s one more reason to hurry with the implementation of the latest Microsoft patches: a PoC exploit for a remote code execution vulnerability that can be exploited …
Researchers link Industroyer to NotPetya
ESET researchers believe they have found evidence that the TeleBots APT was behind the December 2016 attacks against the Ukraine energy sector that resulted in blackouts …
Juniper fixes 30+ vulnerabilities in its routing, switching devices
Juniper Networks has issued fixes for over thirty vulnerabilities affecting its routing, switching and security products running Junos OS. Critical issues fixed CVE-2018-0044 …
Magecart hacks Shopper Approved to simultaneously hit many e-commerce sites
The cybercriminal groups under the Magecart umbrella strike again and again, and one of them has apparently specialized in compromising third parties to more easily get in as …
October 2018 Patch Tuesday: Microsoft fixes 49 flaws, one APT-wielded zero-day
With the October 2018 Patch Tuesday release Microsoft has fixed 49 vulnerabilities, 12 of which are rated “critical.” Previously known flaws and an actively …
9 million Xiongmai cameras, DVRs wide open to attack
SEC Consult researchers have issued a warning about a handful of critical vulnerabilities they discovered in video surveillance equipment by Chinese manufacturer Hangzhou …
Apple fixes iOS 12 passcode bypass vulnerabilities
Apple has released security updates to address a number of vulnerabilities in iCloud for Windows and iOS, some of which can be exploited by attackers to take control of an …
The end of Google+: Low usage and an API bug that exposed user data
Google has announced that it will be closing down the consumer version of Google+, its failed answer to Facebook, and is introducing more granular Google Account permissions, …
Most hosting providers take too long to remove malware distribution sites
How long does it take web hosting providers to remove malware distribution sites parked on their network? Roman Hussy, the Swiss security activist behind abuse.ch, says that, …
Featured news
Resources
Don't miss
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)
- RIFT: New open-source tool from Microsoft helps analyze Rust malware