Zeljka Zorz
Phishing email leads to data breach at University of Virginia
Personally identifiable and financial information of some 1,400 University of Virginia employees has been compromised by attackers in a breach that dates back to early …
Versatile Linux backdoor acts as downloader, spyware
Another Linux Trojan has been discovered by researchers, and this one is pretty versatile: it opens a backdoor into the infected device, can download and run additional …
SSH backdoor found in more Fortinet devices, exploit attempts spotted in the wild
In case you missed it, Fortinet announced last week that the recently discovered FortiOS SSH backdoor – or, as they call it, “a management authentication …
Magento plugs XSS holes that can lead to e-store hijacking, patch immediately!
Last week, Magento released a very important bundle of patches for their eponymous e-commerce platform that should be implemented as soon as possible. The bundle plugs a …
“Deliberately hidden” backdoor found on US government’s comms system
Researchers from Austrian infosec outfit SEC Consult have unearthed what they dubbed a “deliberately hidden backdoor account” in NX-1200, a network controller …
Unknown attackers are infecting home routers via dating sites
Damballa researchers have spotted an active campaign aimed at infecting as many home routers possible with a worm. A variant of the TheMoon worm, it works by taking advantage …
Cyber fraudsters steal over $50 million from airplane systems manufacturer
Austrian company FACC, which develops and produces components and systems made of composite materials for aircraft and aircraft engine manufacturers such as Boeing and Airbus, …
Fake Facebook emails deliver malware masquerading as audio message
A new spam campaign is targeting Facebook users. It uses the same approach as the recent one aimed at WhatsApp users, and Comodo researchers believe that the authors of both …
Old, unpatched flaws exploited to achieve control of Windows systems, networks
Foxglove Security researcher Stephen Breen has demonstrated that you don’t need to exploit a 0-day or even a recently discovered vulnerability to gain the highest level …
Authorized Symantec reseller scams users into buying security software
Malwarebytes researchers have discovered a new tech support scam that, unlike most, is being perpetrated by an active member of the Symantec Partner Program. Users are being …
0-day in Linux kernel endangers Linux servers, Android devices
A serious and pretty longstanding flaw in the Linux kernel has been recently discovered by researchers from infosec outfit Perception Point. The vulnerability (CVE-2016-0728) …
Apple kills 28 flaws in OS X, iOS and QuickTime
If you use Apple’s OS X El Capitan, iOS and QuickTime on any of your computers and devices, you might want to implement the latest updates pushed out on Tuesday. OS X El …