Zeljka Zorz
Major US DNS provider hit with DDoS, part of the Internet becomes unreachable
US-based DNS provider Dyn has suffered a massive DDoS attack earlier today, and it resulted in many websites being completely or intermittently inaccessible for a few hours. …
Dirty COW Linux kernel zero-day exploited in the wild is now patched
Linux developer Phil Oester has spotted attackers exploiting a Linux kernel zero-day privilege escalation flaw that dates back to 2007, and has raised the alarm. The …
43+ million users affected by confirmed Weebly breach
Weebly, a popular web-hosting service featuring a drag-and-drop website builder, has been breached, and email addresses/usernames, IP addresses and encrypted passwords for …
Use Chaos Monkey to push engineers to build resilient cloud services
Netflix’s engineering team is good at sharing the tools they create, and keeping them updated to serve different needs. Chaos Monkey is the latest offering that received …
MBRFilter: Cisco open sources tool to protect the Master Boot Record
Cisco’s Talos research team has open sourced MBRFilter, a tool that aims to prevent a system’s Master Boot Record (MBR) getting overwritten by malware. The latest …
Cisco plugs critical bug in ASA security devices
Cisco has patched a critical vulnerability in the Identity Firewall feature of Cisco ASA Software, which would allow a remote attacker to execute arbitrary code and obtain …
EU court: Site operators can log visitors’ IP address for protection against attacks
The Court of Justice of the European Union (CJEU) has ruled that the German government can collect and keep IP addresses of visitors to websites operated by German Federal …
Researchers bypass ASLR by exploiting flaw in Intel chip
Researchers have found a design flaw in the branch predictor, a component of Intel’s Haswell processor, and have exploited it to bypass ASLR (Address Space Layout …
Unregulated use of facial recognition tech threatens people’s privacy, civil rights
Facial recognition tech is a boon to law enforcement, but without strict regulation and safeguards, it poses considerable risks to the privacy, civil liberties, and civil …
GPG Sync: Internal GPG keys syncing tool for orgs
First Look Code has released GPG Sync, an open source tool for keeping a list of GPG keys used by members of an organization always updated, and always available to all of …
VeraCrypt security audit reveals many flaws, some already patched
VeraCrypt, the free, open source disk encryption software based on TrueCrypt, has been audited by experts from cybersecurity company Quarkslab. The researchers found 8 …
Ghost Push Trojan still a major threat to most Android users
The Ghost Push Trojan (also known as Shedun) is still a considerable threat to Android users around the world. The malware is focused on displaying ads, promoting webpages and …
Featured news
Resources
Don't miss
- Deepfake attacks could cost you more than money
- Coinbase suffers data breach, gets extorted (but won’t pay)
- Samsung patches MagicINFO 9 Server vulnerability exploited by attackers
- Building cybersecurity culture in science-driven organizations
- How Kim Crawley challenges big tech in “Digital Safety in a Dangerous World”