Zeljka Zorz
Researcher demonstrates hijacking of police drone
A security researcher has demonstrated to the RSA Conference crowd how he – or anyone, for that matter – can take over control of a drone used by the Dutch police …
Cisco removes weak default static credentials from its switches
Cisco has released on Wednesday a bucketload of software updates for a wide variety of its products, fixing vulnerabilities of different types and severity. But one is deemed …
Sea pirates and cyber attacks: Information security breaches in the maritime industry
The Maritime Trade Information Sharing Center, Gulf of Guinea (MTISC-GoG) has denied that it has suffered a data breach that could result in sea pirates knowing details about …
Review: Becoming a Global Chief Security Executive Officer
“If protecting a business were as simple as deploying technologies such as firewalls, intrusion detection systems, and secured development life cycle processes, or …
Which passwords to avoid for Internet-facing systems?
For the last year or so, Rapid7 has been collecting login credentials via “Heisenberg,” a network of low-interaction honeypots that the company has set up to analyze login …
Hack the Pentagon: Hackers asked to help secure public-facing systems
The US Department of Defense (DoD) has invited hackers participate in “Hack the Pentagon”, a program aimed at finding vulnerabilities in some of the …
Weak default credentials, command injection bug found in building operation software
A vulnerability in servers programmed with Schneider Electric’s StruxureWare Building Operation software can be exploited by a low-skilled, remote attacker to gain access to …
UK, US users hit with credit card-themed spam spreading ransomware
Symantec researchers have spotted an unusual ransomware delivery campaign hitting mostly UK and US users: fake emails apparently coming from Visa are urging recipients to …
DROWN attack breaks TLS encryption, one-third of all HTTPS servers vulnerable
There’s a new attack that breaks the communication encryption provided by SSL and TLS and can therefore lead to theft of extremely sensitive data exchanged between users …
Is Hacking Team still using the same old, slightly modified malware?
A newly analyzed OS X malware sample shows that Hacking Team is likely still using old code for its newest spying tools. An alternative (but less likely) theory is that …
Google bolsters Gmail data loss prevention
A few months ago, Google provided a data loss prevention (DLP) solution for Gmail to Google Apps Unlimited Customers. The solution allows administrators to set up scanning of …
Snapchat falls for BEC scam, leaks employee payroll info
A successful email phishing attack aimed at Snaptchat’s payroll department has resulted in the compromise of payroll information about some current and former employees, …