Zeljka Zorz
Microsoft’s anti-surveillance website was hacked
Digital Constitution – a dedicated website Microsoft set up to keep users informed of its efforts to counter US government’s attempts to access customer emails the …
Why LinkedIn chose to keep its bug bounty program private
Bug bounty programs have become de rigueur for tech and Internet companies that want to improve the security of their products by (partly) outsourcing bug discovery. But while …
Reddit announces switch to HTTPS-only
With a short note posted on the site’s developers subreddit, reddit – the so-called “front page of the internet” – has announced that starting with …
Unpatched OS X, iOS flaws allow password, token theft from keychain, apps
Six researchers from Indiana University Bloomington, Peking University and Georgia Tech have recently published a paper in which they detail the existence of critical security …
Let’s Encrypt CA to issue its first cert
Let’s Encrypt, a non-profit certificate authority (CA) set up by the Electronic Frontier Foundation, Mozilla, Cisco, Akamai, IdenTrust, and researchers at the University …
Keyboard app bug puts millions of Samsung mobile users at risk, researcher claims
A vulnerability in the Swift keyboard, which comes pre-installed on Samsung mobile devices, can be exploited by remote attackers to secretly install malicious apps, access the …
Newly patched Flash Player bug exploited to deliver crypto ransomware
“It took less than a week for a functional exploit for a recently patched Adobe Flash Player vulnerability to be added to the Magnitude exploit kit, Trend Micro …
Google announces reward program for Android bugs
Google has announced that it will start paying researchers for information about vulnerabilities affecting Android.The Android Security Rewards are incremental. “For …
LastPass breached, hashed master passwords compromised
LastPass, the company behind the popular password management service of the same name, has announced on Monday that they have suffered a breach, and has urged users to verify …
Trojan uses steganography to hide itself in image files
“The Dell SecureWorks CTU research team has recently analyzed a piece of malware that uses digital steganography to hide part of its malicious code. Stegoloader, as they …
Stolen Foxconn certs used to sign malware used in Kaspersky Lab attack
“After last week’s revelation that their corporate network has been hit by APT actors wielding a newer version of the infamous, Stuxnet-related Duqu attack …
Emojis instead of PIN codes as an alternative for forgetful users
For years now companies have been trying to come up with alternatives to passwords and passcodes that will be easier to remember (for users) and more difficult to guess or …