Zeljka Zorz
What motivates bug hunters?
Crowdsourced security penetration testing outfit Bugcrowd has released its second annual “Mind of a Hacker” report, to provide insight into bug hunters’ …
How to stop Emotet malware from infecting your computer
The Emotet banking Trojan has been around since 2014. It continues to evolve, and has even been spotted acting like a distribution method for other banking malware. Latest …
Firefox Quantum: Security and privacy improvements
Mozilla has released Firefox 57, aka Firefox Quantum, and it comes with many performance improvements. It sports a new browsing engine that takes full advantage of the …
The tools criminals use to prepare a stolen iPhone for resale
Reselling stolen mobile phones is a lucrative business all over the globe, and iPhones are very much in demand. Whether lost or stolen, the iPhones are often locked by their …
Critical flaws open Foscam C1 IP cameras to compromise
Cisco Talos researcher Claudio Bozzato has unearthed a dozen of critical vulnerabilities affecting the Foscam C1 series of indoor HD cameras. The Foscam C1 is one of the most …
Google will remove apps that misuse Android Accessibility Services from Google Play
Android app developers whose offerings implement Accessibility Services for reasons other that helping users with disabilities use their apps have less then 30 days to switch …
IcedID: Original new banking Trojan emerges
IcedID, a new banking Trojan that does not seem to have borrowed code from other similar threats, has entered the financial cybercrime arena. It was first spotted in the wild …
Teledildonics maker Lovense fixes bug to delete recordings of user sessions from phones
Late last week, a Reddit user took to the popular discussion site to reveal that the app that is used to control remote control sex toys made by Lovense “seems to be …
Vault 8: WikiLeaks starts releasing source code of alleged CIA cyber weapons
WikiLeaks is starting a new series of leaks, dubbed Vault 8, containing source code and materials allegedly stolen from the CIA. The Vault 8 leaks will ostensibly cover …
Data exfiltration tool PTP-RAT encodes data in pixel colour values
How to exfiltrate data from a machine that doesn’t have file transfer capabilities or whose Remote Desktop Protocol (RDP) connection has been locked down, making it …
Phishing is a greater threat to users than keyloggers and third-party breaches
When it comes to loosing access to their accounts, phishing is a greater threat to users than keyloggers and third-party breaches, researchers have found. How many valid …
Microsoft offers mitigation advice for DDE attacks scenarios
Microsoft has published a security advisorty containing DDE attack mitigation instructions for both users and admins. What’s a DDE attack? For a while now, attackers …
Featured news
Resources
Don't miss
- Popular code formatting sites are exposing credentials and other secrets
- Fake “Windows Update” screens fuels new wave of ClickFix attacks
- Microsoft cracks down on malicious meeting invites
- How an AI meltdown could reset enterprise expectations
- The breaches everyone gets hit by (and how to stop them)