Zeljka Zorz
Popular TP-Link wireless home router open to remote hijacking
By concatenating a known improper authentication flaw with a newly discovered CSRF vulnerability, remote unauthenticated attackers can obtain full control over TP-Link …
How to minimize the negative effect of mobile device loss or theft
Have you, like me, become inordinately obsessed with the security of your smartphone? And are you forever checking your pockets to make sure you haven’t left it behind …
Cisco Talos discloses serious vulnerabilities in Foxit PDF Reader
Cisco Talos researcher Aleksandar Nikolic has unearthed one of the critical vulnerabilities fixed in the latest Adobe Acrobat and Reader security updates. He is also the one …
Adobe fixes 47 critical flaws in Acrobat and Reader
Adobe has released security updates for Adobe Acrobat and Reader, and they fix a prodigious amount of critical (47) and important (39) vulnerabilities affecting both software …
Google to make Chrome extensions safer and privacy-preserving
Google has announced a number of security changes in the Chrome extensions system: a more thorough extensions review process, better user controls, and a new manifest that …
Vulnerable Android password managers make phishing attacks easier
Android password managers can be tricked into entering valid login credentials into phishing apps, a group of researchers has discovered. They have also found that Instant …
WWW inventor announces Solid, a push to create a decentralized web users can trust
Tim Berners-Lee, the inventor of the World Wide Web, has not been hiding his disappointment with the direction in which his invention was taken. “The web has evolved …
Python-based attack tools are the most common vector for launching exploit attempts
Hackers have an obvious predilection for Python-based attack tools, says Imperva. “When examining the use of Python in attacks against sites we protect, the result was …
Phorpiex bots target remote access servers to deliver ransomware
Threat actors are brute-forcing their way into enterprise endpoints running server-side remote access applications and attempting to spread the GandCrab ransomware onto other …
Connected car security is improving, researchers say
The automotive industry has apparently stepped up their game when it comes to improving connected car security. According to the latest IOActive report, which was compiled …
Chronicle announces VirusTotal Enterprise with greater search and analysis capabilities
Chronicle, the cybersecurity subsidiary of Google’s parent company Alphabet, has announced VirusTotal Enterprise, which is aimed at helping enterprises protect their own …
Apple DEP vulnerability lets attackers access orgs’ resources, info
An authentication weakness in Apple’s Device Enrollment Program (DEP) may allow attackers to enroll any device into an organization’s Mobile Device Management …
Featured news
Resources
Don't miss
- Product showcase: Cogent Community democratizes vulnerability intelligence with agentic AI
- Cyber-espionage campaign mirroring Sandworm TTPs hit Russian and Belarusian military
- A new way to think about zero trust for workloads
- Heisenberg: Open-source software supply chain health check tool
- Securing real-time payments without slowing them down