Zeljka Zorz
Yahoo notifies more users of malicious account activity
Yahoo has sent out another round of account compromise notifications, warning users that hackers may have accessed their accounts by using forged cookies instead of passwords. …
Researchers bypass ASLR protection with simple JavaScript code
A group of researchers from the Systems and Network Security Group at VU Amsterdam have discovered a way to bypass address space layout randomization (ASLR) protections of …
XAgentOSX Mac malware linked to Russian hacking group
Researchers have discovered and analyzed a new piece of Mac malware that is believed to be used by the Sofacy (aka Fancy Bear, aka Pawn Storm, aka APT28) hacking group. …
Secure comms app Signal now offers encrypted video calls
Users of secure chat and voice call app Signal will soon be able to enjoy the option of encrypted video calls. For the moment, only calls between Signal users who have both …
Microsoft postpones Patch Tuesday
Patch Tuesday is the day when most system administrators sit down and perform critical patching of the systems under their control – or at least begin testing the …
Researchers demonstrate ransomware for industrial control systems
We’ve witnessed ransomware targeting Windows and Linux systems and Macs, Android devices, smart TVs, and even a ransomware scheme targeting iPhone users (though not …
Banks around the world targeted in watering hole attacks
The January attacks against Polish financial institutions through the booby-trapped site of the Polish Financial Supervision Authority are just one piece of a larger puzzle, …
PacketTotal: Free online tool for analyzing packet captures
PacketTotal is a free tool for analyzing packet captures that has recently been offered to the infosec community. Available online, the tool is powered by a Python-based …
Qualys at RSA Conference: Implementing innovation
There will be no lack of interesting content from Qualys at this year’s RSA Conference. Depending on you interests, you might want to make time for some of these talks …
The security impact of HTTPS interception in the wild
HTTPS deployment is on an upward trajectory, and this growth is accompanied by the increasing HTTPS interception and SSL inspection by enterprise-grade firewalls, web filters, …
UK sports retailer Sports Direct hacked
UK’s largest sports retail outlet Sports Direct has suffered a data breach in September 2016, when an attacker gained access to its staff portal, and through it to …
Simple Gmail spoofing leaves users open to targeted attacks
Gmail shows no warning as it delivers legitimate-looking spoofed emails seemingly coming from an existing Gmail.com address, even though they come from a non-Gmail server. …
Featured news
Resources
Don't miss
- SonicWall says attackers compromised some firewall configuration backup files
- Google fixes actively exploited Chrome zero-day vulnerability (CVE-2025-10585)
- LinkedIn now uses your data for AI by default, opt out now!
- Behind the scenes of cURL with its founder: Releases, updates, and security
- Product showcase: Exaforce – The full lifecycle AI SOC platform