Zeljka Zorz
Camera-based, single-step two-factor authentication resilient to pictionary, shoulder surfing attacks
A group of researchers from Florida International University and Bloomberg LP have created Pixie, a camera-based two-factor authentication system that could end up being a …
The impact of threat hunting on your security operations
The main goal of threat hunting is to find traces attackers have left behind in the organization’s IT environment. These traces can date back to already solved crises or …
Beware fake Android cryptocurrency trading apps on Google Play
Two phishing apps that were made to look like the official app of popular cryptocurrency exchange Poloniex have been booted off Google Play after ESET researchers notified …
MacOS Proton backdoor delivered via Trojanized media player app
A Trojanized version of Elmedia Player software for Mac was available for download for who knows how long from the developer’s official site, ESET researchers have …
EU MEPs want stronger privacy rules for Internet-enabled communication services
With 31 votes for, 24 against and one abstention, the European Parliament Committee on Civil Liberties, Justice and Home Affairs (LIBE) has backed new privacy protections for …
Google wants bug hunters to probe popular Android apps for bugs
Google has started another bug bounty initiative: the Google Play Security Reward Program. While the name of the program might suggest that bug hunters will be after …
Cisco plugs WPA2 holes, critical Cloud Services Platform flaw
Cisco has released updates to address vulnerabilities in a wide variety of its products. Among these are updates fixing the WPA2 vulnerabilities that can be exploited in the …
Millions download botnet-building malware from Google Play
Researchers have discovered a new batch of malicious apps on Google Play, some of which have been downloaded and installed on some 2.6 million devices. The apps’ …
Google offers Advanced Protection for high-risk users of its services
High-risk Google users – journalists, human rights and civil society activists, but also campaign staffers and people in abusive relationships – can now take …
Europol wants ISPs to aid law enforcement by dropping CGN technologies
Europol is urging ISPs to stop using Carrier Grade Network Address Translation technologies, because they make identifying and tracking criminals a lot harder. What is Carrier …
Oracle fixes 252 vulnerabilities in October 2017 Critical Patch Update
Oracle has released its Critical Patch Update (CPU) for October 2017, addressing 252 vulnerabilities across the wide multitude of its products. Compared to the July 2017 CPU, …
Vulnerability in code library allows attackers to work out private RSA keys
Researchers have discovered a security vulnerability in the Infineon-developed RSA library, which could be exploited by attackers to discover the RSA private key corresponding …
Featured news
Resources
Don't miss
- Popular code formatting sites are exposing credentials and other secrets
- Fake “Windows Update” screens fuels new wave of ClickFix attacks
- Microsoft cracks down on malicious meeting invites
- How an AI meltdown could reset enterprise expectations
- The breaches everyone gets hit by (and how to stop them)