Zeljka Zorz
Attackers exploited Instagram API bug to access users’ contact info
Instagram has confirmed that “one or more individuals obtained unlawful access to a number of high-profile Instagram users’ contact information — specifically …
Patients with St. Jude pacemakers called in for firmware update
Patients using one of several types of implantable radio frequency-enabled pacemakers manufactured by St. Jude Medical will have to visit their healthcare provider to receive …
Office 365 account compromise attempts on the rise
Office 365, Microsoft’s software-as-a-service productivity software suite popular with corporate users, is increasingly becoming attackers’ preferred way into …
Advantech fixes serious vulns in WebAccess HMI/SCADA software
Advantech has plugged nine security holes in WebAccess and has urged users to upgrade the software as soon as possible. Advantech WebAccess is a web browser-based software …
Cisco unveils LabVIEW code execution flaw that won’t be patched
LabVIEW, the widely used system design and development platform developed by National Instruments, sports a memory corruption vulnerability that could lead to code execution. …
Drone maker DJI launches bug bounty program
Chinese consumer drone maker DJI has announced that it’s starting a bug bounty program and has invited researchers to discover and responsibly disclose issues that could …
Researchers figured out how to disable the Intel ME controller on Intel chipsets
Researchers have discovered that Intel Management Engine (Intel ME) 11, a dedicated (and non-optional) microcontroller integrated into all Intel chipsets, can be disabled …
Tech firms band together to take down Android DDoS botnet
An ad-hoc alliance of tech firms has managed to seriously cripple an Android-based botnet that was being actively used to DDoS multiple content providers. The botnet, dubbed …
Chinese government’s latest crack against online anonymity
The Chinese government is dead-set on making it so that all online interactions can be tied to a specific user. The latest move towards this goal came on Friday, when the …
New, custom ransomware delivered to orgs via extremely targeted emails
Ransomware campaigns are usually wide-flung affairs: the attackers send out as many malicious emails as possible and hope to hit a substantial number of targets. But more …
Getting a start on cyber threat hunting
In this age of advanced persistent threats, waiting for traditional threat management solutions like IDS and SIEM to flag incidents and threats is simply not enough anymore. …
Judge limits DOJ’s search of anti-Trump website data
After the US Department of Justice demanded from DreamHost data that could identify visitors of anti-Trump website Disruptj20.org and the web host refused to comply with such …
Featured news
Resources
Don't miss
- Popular code formatting sites are exposing credentials and other secrets
- Fake “Windows Update” screens fuels new wave of ClickFix attacks
- Microsoft cracks down on malicious meeting invites
- How an AI meltdown could reset enterprise expectations
- The breaches everyone gets hit by (and how to stop them)