Zeljka Zorz
Tor security improves as .onion becomes a special-use domain name
The .onion domain has been officially designated by the Internet Assigned Numbers Authority (IANA) as a special-use domain name. The move, initiated by the Internet …
Researchers find backdoor bug in NASA rovers’ real-time OS
A critical, remotely exploitable vulnerability in VxWorks, the world’s most popular real-time operating system (RTOS), can be exploited by attackers to gain backdoor …
Next Generation Red Teaming
Author: Henry DalzielPages: 46Publisher: SyngressISBN: 0128041714 Introduction Do you know the difference between penetration testing and red teaming? This book will explain …
New malware can make ATMs not give users’ card back
“A new type of malware that can be used to compromise ATMs independently of who their manufacturer is, and can make the machine steal card data but also the cards …
Apple complicates app sideloading in iOS 9 for increased security
Making things easier for users is generally a good idea, but sometimes complicating a process could lead to increased security, and should be the preferred option.A blog post …
FireEye legally censors crucial parts of a researcher’s talk at 44CON
Felix Wilhelm, a researcher with German security firm ERNW, was scheduled to give a talk at 44CON on Thursday about the critical vulnerabilities he and his colleagues found in …
US Energy Department’s systems breached 159 times in four years
The US Department of Energy (DOE) has had its computer systems successfully breached by cyber attackers 159 times in four years, USA Today reports.The US DOE is responsible, …
Attack code for critical Android Stagefright flaw published
After having graciously waited for quite a while to publish the exploit for the Android Stagefright vulnerability (CVE-2015-1538) so that Google, mobile carriers and device …
PIN-changing, screen-locking Android ransomware
“A sophisticated new piece of ransomware targeting Android users and locking them out of their devices by changing the PIN has been discovered by ESET researchers. …
Microsoft pushes out security updates, plugs holes actively exploited by attackers
Microsoft released twelve patches fixing over 50 vulnerabilities in Internet Explorer, Microsoft Edge, Active Directory Service, Microsoft Graphics Component, Windows Journal, …
Carbanak APT still targeting high-value financial institutions and casinos
The Anunak / Carbanak hacking group continues to target banks, but has also now hitting Forex-trading companies, casinos, and other institutions from which it can steal large …
Zero-day bugs in Kaspersky and FireEye products found, exploits disclosed
A slew of vulnerabilities – some already patched and some still not – have been revealed to affect several security offerings by some of the most trusted names in …
Featured news
Resources
Don't miss
- OPNsense 26.1 brings updates to open-source firewall management
- WinRAR vulnerability still a go-to tool for hackers, Mandiant warns
- CERT UEFI Parser: Open-source tool exposes UEFI architecture to uncover vulnerabilities
- Why prevention-first secrets security will define enterprise scale: Learnings from a leading telecom
- Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858)