Zeljka Zorz
Third party trackers on web shops can identify users behind Bitcoin transactions
More and more shopping Web sites accept cryptocurrencies as a method of payment, but users should be aware that these transactions can be used to deanonymize them – even …
Doing things right: Cloud and SecOps adoption
There is hardly an organization out there that isn’t planning or hasn’t already taken advantage of the cloud. And, according to Threat Stack CTO Sam Bisbee, there is hardly a …
Two Foxit Reader RCE zero-day vulnerabilities disclosed
Trend Micro’s Zero Day Initiative has released details about two remote code execution zero-day flaws affecting popular freemium PDF tool Foxit Reader. The first one …
Decryption key for Apple iOS Secure Enclave Processor firmware revealed
A hacker that goes by the handle “xerub” has apparently figured out the decryption key for Apple’s Secure Enclave Processor (SEP) firmware, and made it …
Attackers turn to auto-updating links instead of macros to deliver malware
SANS ISC handler Xavier Mertens has flagged and analyzed a malicious Word file that, somehow, is made to automatically download an additional malicious RTF file, ultimately …
NotPetya aftermath: Companies lost hundreds of millions
The infamous NotPetya ransomware attack, which started in Ukraine on June 27 but later spread to many international businesses, has resulted in huge monetary losses for the …
How to spot malicious mobile apps
The pervasiveness of smartphones has resulted in an onslaught of mobile apps, and it’s pretty safe to say that, by now, there is an app for every imaginable purpose. …
Google Chrome remote code execution flaw detailed, PoC released
Vulnerability broker Beyond Security has released details about and Proof of Concept code for a remote code execution bug affecting Google Chrome. “The [type confusion] …
EV ransomware is targeting WordPress sites
WordPress security outfit Wordfence has flagged several attempts by attackers to upload ransomware that provides them with the ability to encrypt a WordPress website’s files. …
DOJ wants to know who visited anti-Trump website
The US Department of Justice wants DreamHost to hand over IP addresses of some 1.3 million visitors to disruptj20.org, a website that helped organize political protests during …
AI is key to speeding up threat detection and response
Time is the most important factor in detecting network breaches and, consequently, in containing cyber incidents and mitigating the cost of a breach. “Security event …
Enterprise security culture: Why you need it, and how to create it
Security awareness is a term that most information security professionals are familiar with – security culture a little less so. “Security awareness training is …
Featured news
Resources
Don't miss
- Microsoft reveals actively exploited Office zero-day, provides emergency fix (CVE-2026-21509)
- When open science meets real-world cybersecurity
- Poland repels data-wiping malware attack on energy systems
- Inside Microsoft’s veteran-to-tech workforce pipeline
- Brakeman: Open-source vulnerability scanner for Ruby on Rails applications