Zeljka Zorz
LostPass: A worryingly simple phishing attack aimed at LastPass users
Security researcher (and Praesido CTO) Sean Cassidy has demonstrated at ShmooCon how easy it can be for hackers to steal LastPass users’ email, password, and two-factor …
Casino operator sues Trustwave for failing to spot and stop hackers
Nevada-based Affinity Gaming, which operates five casinos in that state and 11 altogether in the US, is suing infosec outfit Trustwave, claiming that the company did a poor …
OS X’s Gatekeeper bypassed again
Do you remember when, last October, Synack director of research Patrick Wardle found a simple way to evade OS X’s Gatekeeper defense mechanism by bundling up a …
250 Hyatt hotels around the world hit with PoS malware
In late December, the Hyatt Hotels Corporation announced that they found malware on computers that operate the payment processing systems for Hyatt-managed locations, but …
Flaw allows malicious OpenSSH servers to steal users’ private SSH keys
Qualys researchers have discovered two vulnerabilities in the popular OpenSSH implementation of the secure shell protocol, one of which (CVE-2016-0777) could be exploited by …
Cheap web cams can open permanent, difficult-to-spot backdoors into networks
They might seems small and relatively insignificant, but cheap wireless web cams deployed in houses and offices (and connected to home and office networks) might just be the …
Cisco kills hardcoded password bug in Wi-Fi access points
Along with fixes for a number of older vulnerabilities in Cisco IOS and IOS XE software, the Cisco IOS Software Common Industrial Protocol, and the OpenSSL package …
CWA hackers breached US DNI Clapper’s email, broadband account
Crackas With Attitude (CWA), a group of hackers with a pro-Palestinian agenda, have hit another high-rank US intelligence chief. The first time around, in October 2015, it was …
Your smartwatch can give away your payment card’s PIN code
Smartwatches can be a perfectly useful and handy wearable device for some users, but it’s good to keep in mind that using them might mean opening yourself to an …
Android banking Trojan defeats voice call-based 2FA
Bankosy is a banking Trojan that has been targeting Android users for a while now, but has only recently been updated with a new capability of note: the ability to deceive …
Fortinet says backdoor found in FortiOS is “a management authentication issue”
Fortinet, the company whose enterprise network security offerings include the popular FortiGate firewall platform, has issued a statement regarding a security issue that has …
Microsoft ends support for Windows 8, IE8 through 10: What does this mean for you?
Slowly but surely, Microsoft is pushing users towards Windows 10 and its new browser, Microsoft Edge. The way through this is by stop providing technical support and security …
Featured news
Resources
Don't miss
- macOS vulnerability allowed Keychain and iOS app decryption without a password
- Sitecore zero-day vulnerability exploited by attackers (CVE-2025-53690)
- Cutting through CVE noise with real-world threat signals
- Attackers are turning Salesforce trust into their biggest weapon
- Cloudflare confirms data breach linked to Salesloft Drift supply chain compromise