Zeljka Zorz

Review: Becoming a Global Chief Security Executive Officer
“If protecting a business were as simple as deploying technologies such as firewalls, intrusion detection systems, and secured development life cycle processes, or …

Which passwords to avoid for Internet-facing systems?
For the last year or so, Rapid7 has been collecting login credentials via “Heisenberg,” a network of low-interaction honeypots that the company has set up to analyze login …

Hack the Pentagon: Hackers asked to help secure public-facing systems
The US Department of Defense (DoD) has invited hackers to participate in “Hack the Pentagon”, a program aimed at finding vulnerabilities in some of the …

Weak default credentials, command injection bug found in building operation software
A vulnerability in servers programmed with Schneider Electric’s StruxureWare Building Operation software can be exploited by a low-skilled, remote attacker to gain access to …

UK, US users hit with credit card-themed spam spreading ransomware
Symantec researchers have spotted an unusual ransomware delivery campaign hitting mostly UK and US users: fake emails apparently coming from Visa are urging recipients to …

DROWN attack breaks TLS encryption, one-third of all HTTPS servers vulnerable
There’s a new attack that breaks the communication encryption provided by SSL and TLS and can therefore lead to theft of extremely sensitive data exchanged between users …

Is Hacking Team still using the same old, slightly modified malware?
A newly analyzed OS X malware sample shows that Hacking Team is likely still using old code for its newest spying tools. An alternative (but less likely) theory is that …

Google bolsters Gmail data loss prevention
A few months ago, Google provided a data loss prevention (DLP) solution for Gmail to Google Apps Unlimited Customers. The solution allows administrators to set up scanning of …

Snapchat falls for BEC scam, leaks employee payroll info
A successful email phishing attack aimed at Snapchat’s payroll department has resulted in the compromise of payroll information about some current and former employees, …

European Commission presents EU-US Privacy Shield
The European Commission – the executive body of the European Union – issued the legal texts that will put in place the EU-US Privacy Shield, a new framework for …

IRS raises number of Get Transcript app breach victims yet again
Remember when back in May 2015 the IRS took offline its Get Transcript app because it was misused by cybercriminals to access sensitive personal information of more than …

CTB Locker ransomware now also encrypts websites
The well-known crypto ransomware CTB Locker is back. After a considerable slowdown in distribution, it is being pushed onto users again, and this time its executable has been …