Zeljka Zorz
Unsecured Elasticsearch servers turned into PoS malware C&Cs
Security researchers have discovered over 4,000 Elasticsearch servers compromised to distribute and control PoS malware. 99 percent of them are hosted by Amazon. What is …
Equifax breach happened because of a missed patch
The attackers who breached Equifax managed to do so by exploiting a vulnerability in its US website, the company has finally confirmed. The vulnerability – CVE-2017-5638 …
European Commission wants ENISA to introduce EU-wide cybersecurity certification scheme
“Cyber security attacks know no borders and no one is immune,” European Commission President Jean-Claude Juncker noted in his State of the Union Speech on …
Patch Tuesday: 80+ vulnerabilities fixed, one exploited in the wild
As part of its regular, monthly Patch Tuesday update, Microsoft has released patches for 81 new vulnerabilities, including a zero-day in the .NET Framework. The September …
Phishers targeting LinkedIn users via hijacked accounts
A new phishing campaign has been spotted hitting LinkedIn users via direct messages and the LinkedIn InMail feature. They are sent from legitimate LinkedIn Premium accounts …
Why end-to-end encryption is about more than just privacy
The question of whether regular people need end-to-end encryption will surely be debated for quite some time. But for Alan Duric, CEO and co-founder of Wire, the question can …
Billions of Bluetooth-enabled devices vulnerable to new airborne attacks
Eight zero-day vulnerabilities affecting the Android, Windows, Linux and iOS implementations of Bluetooth can be exploited by attackers to extract information from, execute …
Google Dashboard becomes mobile-friendly
Google Dashboard, a privacy tool through which users can see what Google has learned about them through their use of the company’s products, has been redesigned. …
Equifax attackers got in through an Apache Struts flaw?
Have the attackers responsible for the Equifax data breach exploited a vulnerability in Apache Struts, a popular open source framework for developing web applications, to …
KPN CISO paints a greater security picture
Being the CISO of such a huge and diverse company as KPN, the Netherlands’ largest telecom and ISP provider, requires great determination, and the current holder of the …
How Equifax failed miserably at handling its data breach
A data breach, as conventional wisdom goes, can happen to anyone, but how an organization handles the fallout is what shows us if they care about users at all – and …
Patch your Android device to foil Toast Overlay attacks
Overlay attacks are nothing new for Android users, and Palo Alto Networks Unit 42 researchers have found yet another way for attackers to perpetrate them. An “overlay attack” …
Featured news
Resources
Don't miss
- Popular code formatting sites are exposing credentials and other secrets
- Fake “Windows Update” screens fuels new wave of ClickFix attacks
- Microsoft cracks down on malicious meeting invites
- How an AI meltdown could reset enterprise expectations
- The breaches everyone gets hit by (and how to stop them)