Zeljka Zorz
FireEye releases open source managed password cracking tool
FireEye has released GoCrack, an open source tool for managing password cracking tasks across multiple machines. “Simply deploy a GoCrack server along with a worker on …
Researchers analyze 3,200 unique phishing kits
Most phishing sites are quickly detected and access to them is blocked, but not matter how fast the “takedown” happens, the number of victims is still large enough …
Oracle releases emergency Oracle Identity Manager patch
Oracle has issued an out-of-cycle patch that plugs a critical vulnerability (CVE-2017-10151), affecting Oracle Identity Manager, its widely-used enterprise identity management …
Cryptocurrency-mining script planted in apps on Google Play
Coinhive’s cryptocurrency-mining script has found its way into mobile apps offered on Google Play. Trend Micro researchers have spotted two apps that have been equipped …
Firefox will soon block canvas-based browser fingerprinting attempts
Starting with Firefox 58, users will be able to refuse websites’ requests for information extracted via the HTML5 canvas element, which can be used to fingerprint their …
Malicious Chrome extension steals all data
There’s a glut of malicious Google Chrome extensions out there, but some are more harmful than others. The one that SANS ISC incident handler Renato Marinho has dubbed …
Researchers turn LG’s Hom-Bot vacuum cleaner into a real-time spying device
Check Point researchers have discovered a vulnerability in LG’s smart home infrastructure that could have allowed hackers to take over the legitimate user’s account and, …
Critical flaws in maritime comms system could endanger entire ships
IOActive security consultant Mario Ballano has discovered two critical cybersecurity vulnerabilities affecting Stratos Global’s AmosConnect communication shipboard platform. …
Offshore law firm Appleby confirms data breach
Appleby, a major offshore law firm based in Bermuda, has confirmed it has suffered a data security incident in 2016 that resulted in some of their data being compromised. …
Coinhive breached due to old, reused password
Coinhive has suffered another setback: their DNS records have been surreptitiously changed by attackers, allowing them to steal cryptocurrency mined via the project’s …
NotPetya successor Bad Rabbit hits orgs in Russia, Ukraine
Bad Rabbit ransomware, apparently modeled on NotPetya, has hit a number of organizations across Russia, Ukraine, and Eastern Europe on Tuesday. Russian security outfit …
Is the Windows 10 controlled folder access anti-ransomware feature any good?
With last week’s release of Windows 10 Fall Creators Update, users get a new feature aimed at stopping ransomware from encrypting their most important files. It’s …
Featured news
Resources
Don't miss
- Popular code formatting sites are exposing credentials and other secrets
- Fake “Windows Update” screens fuels new wave of ClickFix attacks
- Microsoft cracks down on malicious meeting invites
- How an AI meltdown could reset enterprise expectations
- The breaches everyone gets hit by (and how to stop them)