Zeljka Zorz
Hackers explain how they “owned” FlexiSpy
How did the hackers that go by the name Decepticons breach stalkerware manufacturer FlexiSpy? According to information purportedly provided by the attackers themselves, it …
Script for remote DoublePulsar backdoor removal available
NSA’s DoublePulsar backdoor can now be remotely uninstalled from any infected Windows machine, thanks to the updated detection script provided by security firm Countercept. …
Former Expedia IT support worker gets prison time for hacking execs’ emails, insider trading
A IT support technician formerly employed at Expedia offices in San Francisco was sentenced to 15 months in prison for securities fraud, plus three years supervised release. …
Lure10: Exploiting Wi-Fi Sense to MITM wireless Windows devices
Karma has long been a staple man-in-the-middle attack used in authorised wireless security assessments and unsanctioned ones, but as many modern operating systems now provide …
Ashley Madison users blackmailed again
Criminals are still trying to shake down users of the Ashley Madison dating/cheating online service. As you might remember, the service was hacked in 2015, and the attackers …
SquirrelMail opens users to remote code execution
Users of open source webmail software SquirrelMail are open to remote code execution due to a bug (CVE-2017-7692) discovered independently by two researchers. “If the …
BrickerBot bricked 2 million IoT devices, its author claims
The author of BrickerBot, which “bricks” IoT devices by rewriting the flash storage space and wiping files, has emerged to explain that the malware first attempts …
Locky ransomware makes a comeback, courtesy of Necurs botnet
The Necurs botnet has, once again, begun pushing Locky ransomware on unsuspecting victims. The botnet, which flip-flops from sending penny stock pump-and-dump emails to …
Tens of thousands Windows systems implanted with NSA’s DoublePulsar
Has your Windows machine been implanted with NSA’s DoublePulsar backdoor? If you haven’t implemented the security updates released by Microsoft in March, chances …
RawPOS malware has new data-grabbing capabilities
RawPOS continues to evolve, and has recently been equipped with the capability to steal data contained in the victims’ driver’s license’s 2-dimensional …
Top-ranked programming Web tutorials introduce vulnerabilities into software
Researchers from several German universities have checked the PHP codebases of over 64,000 projects on GitHub, and found 117 vulnerabilities that they believe have been …
Be careful on Google Play
An often repeated piece of advice given to users of mobile devices says that they should stick to well-reputed, official app stores if they want to avoid malware. But while …
Featured news
Resources
Don't miss
- Google strengthens secure enterprise access from BYOD Android devices
- Southwest Airlines CISO on tackling cyber risks in the aviation industry
- Insider risk management needs a human strategy
- Cerbos: Open-source, scalable authorization solution
- Patch Tuesday: Microsoft fixes 5 actively exploited zero-days