Zeljka Zorz
Building a sound security strategy for an energy sector company
As more and more attacks against companies working in the energy sector become public, it is becoming increasingly clear that those systems are far from impermeable. And …
Samsung SmartThings Hub vulnerabilities allow attackers inside your home
Cisco Talos researchers have unearthed 20 vulnerabilities in the Samsung SmartThings Hub that could be leveraged by attackers to monitor, control and interfere with devices …
Swann security cameras vulnerable to spying hack
Researchers have unearthed a security flaw in a Swann security camera that allows attackers to spy on the video and audio feed of anyone’s camera. Swann SWWHD-Intcam is …
After extensive testing, Google introduces the Titan Security Key
Google recently shared that since it made employees use physical security keys instead of passwords and one-time codes, none of them – and there are over 85,000 – …
Securing healthcare organizations: The challenges CISOs face
Healthcare organizations are ideal targets for criminals looking to steal personal and other sensitive information, as the industry is lagging behind when it comes to …
ZDI offers hefty bounties for zero-days in popular web servers, CMSes
The Trend Micro-backed Zero Day Initiative is asking bug hunters to look for zero-day RCE vulnerabilities in several open source server-side products and is ready to pay up to …
Major websites still fail to steer users towards better passwords
The death of passwords is predicted with regular frequency, but we’re still to see it actually happen. It’s possible that it will happen one day but, in the …
Bluetooth vulnerability allows snooping of traffic between paired devices
Researchers Eli Biham and Lior Neumann have discovered a vulnerability in two Bluetooth features that could be exploited by attackers to gain a man-in-the-middle position and …
Chrome starts marking all HTTP sites as “Not secure”
If you’re using Google Chrome and you suddenly start seeing sites you usually visit labeled as “Not secure”, it’s because Google wants to push site …
Hackers stole personal, medication data of a quarter of Singaporeans
Hackers have breached Singapore’s health service and have stolen personal information of some 1.5 million patients. They have also compromised outpatient medication data …
Vulnerability research and responsible disclosure: Advice from an industry veteran
“Everything changes once you have to supervise and mentor and schedule and coordinate and keep in mind all the things others don’t. You often have to hold back your own …
Diffy: A triage tool for cloud-centric incident response
The Netflix Security Intelligence and Response Team (SIRT) has released Diffy, an open source triage tool that allows digital forensics and incident response teams to quickly …
Featured news
Resources
Don't miss
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)