Zeljka Zorz
Top-level cyber espionage group uncovered after years of stealthy attacks
Symantec and Kaspersky Lab researchers have uncovered another espionage group that is likely backed by a nation-state. The former have dubbed the threat actor Strider, wile …
Oracle-owned MICROS PoS systems vendor breached
MICROS, the point-of-sale payment systems vendor owned by Oracle, has suffered a data breach, and there are indicators that point to the infamous Carbanak (aka Anunak) …
Malware hidden in digitally signed executables can bypass AV protection
Researchers have shown that it’s possible to hide malicious code in digitally signed executables without invalidating the certificate, and execute this code – all …
Cerber2 ransomware released, no decryption tool available
The author of the widely distributed Cerber ransomware has released a newer version, and files encrypted with Cerber2, unfortunately, can’t be decrypted without paying …
Remote Butler attack: APT groups’ dream come true
Microsoft security researchers have come up with an extension of the “Evil Maid” attack that allows attackers to bypass local Windows authentication to defeat full …
Spoofing boarding pass QR codes with simple app
Przemek Jaroszewski, the head of Poland’s CERT, says anyone can bypass the security of the automated entrances of airlines’ airport lounges by using a specially …
Zeus Panda variant targets Brazilians, wants to steal everything
A new Zeus Trojan variant dubbed Panda Banker has been specially crafted to target users of 10 major Brazilian banks, but also other locally popular services. “Zeus …
Fake iPhone order dispatch confirmations hitting inboxes
Fake dispatch confirmation emails for a bogus order of an iPhone from Apple’s App Store are hitting inboxes, warns Hoax-Slayer. This is just the latest variant of the …
Apple finally announces bug bounty program
Apple is finally going to monetarily reward security researchers for spotting and responsibly disclosing bugs in the company’s products. The announcement that a bug …
MineMeld: The “Swiss army knife” of threat intelligence feeds
Palo Alto Networks has made publicly available MineMeld, an open source, community supported framework that can simply your consumption and sharing of threat intelligence. …
Security awareness training or no, users will keep clicking on dodgy links
There is no way to make humans never click on potentially dangerous links they receive, as the right combination of curiosity, context, and emotions will always beat security …
Researchers continue hacking cars, and start on heavy vehicles
When Charlie Miller and Chris Valasek demonstrated a year ago how they can remotely exploit vulnerabilities in Chrysler’s 2014 Jeep Cherokee, and fiddle with its wipers, …
Featured news
Resources
Don't miss
- CISA: Recently fixed Chrome vulnerability exploited in the wild (CVE-2025-4664)
- Deepfake attacks could cost you more than money
- Coinbase suffers data breach, gets extorted (but won’t pay)
- Samsung patches MagicINFO 9 Server vulnerability exploited by attackers
- Building cybersecurity culture in science-driven organizations