Zeljka Zorz
UK researcher who stopped WannaCry charged with creating and distributing banking Trojan
Marcus Hutchins, the 23-year-old UK researcher who found the kill-switch domain in the WannaCry ransomware code and registered it, preventing the malware to wreak even more …
The anatomy of a completely fileless attack
The use of fileless malware is definitely on the rise, and it’s used both by targeted threat actors and cybercriminals. Trend Micro researchers, though, are keen to …
Another popular Chrome extension hijacked through phishing
Chris Pederick, the creator and maintainer of the Web Developer for Chrome extension, is the latest victim of attackers who hijack popular Chrome add-ons in order to push ads …
US DOJ publishes guidelines for setting up a vulnerability disclosure program
Instituting a vulnerability disclosure program (aka bug bounty program) that won’t blow up in the organization’s face can be a daunting task. Some will prefer to …
Hackers impersonate women online to get into target corporate networks
By all (online) accounts, Mia Ash was a pretty and successful photographer based in London, and she was looking for friendship and love on the Internet. Her LinkedIn account …
Weaponizing machine learning to improve cyber defenses
As defensive technologies based on machine learning become increasingly numerous, so will offensive ones – whether wielded by attackers or pentesters. The idea is the …
HBO hacked, attackers leak GoT script and some episodes
HBO has become hackers’ latest entertainment industry target: attackers have breached the company’s servers, and they claim to have syphoned from them 1.5 …
Phishers steal Chrome extension from developer
An attacker has compromised the Chrome Web Store account of German developer team a9t9 software, and has equipped their Copyfish Chrome extension with ad/spam injection …
Seagate to pay millions for forking over employee info to scammers
A moment of inattention by one of its employees, and Seagate stands to lose tens of millions of dollars. No, the company was not the victim of a BEC scam – instead, it …
Researchers remotely hack Tesla Model X
Security researchers from Tencent’s Keen Security Lab have done it again: they’ve found vulnerabilities in one of Tesla’s cars and demonstrated that they can …
Microsoft opens fuzz testing service to the wider public
Microsoft Security Risk Detection, a cloud-based fuzz testing service previously known under the name Project Springfield, is now open to all and sundry. Fuzz testing (i.e. …
Hackable smart car wash systems can hurt people
Two years after researchers Billi Rios and Terry McCorkle first flagged serious vulnerabilities in automatic, smart car wash systems by US manufacturer PDQ, the company is …
Featured news
Resources
Don't miss
- Popular code formatting sites are exposing credentials and other secrets
- Fake “Windows Update” screens fuels new wave of ClickFix attacks
- Microsoft cracks down on malicious meeting invites
- How an AI meltdown could reset enterprise expectations
- The breaches everyone gets hit by (and how to stop them)