Zeljka Zorz
Successful POS attacks are the result of poor security, researchers find
Most data breaches involving payment card information – and there have been too many in the last two years – can be traced back to a lack of implementation of …
How Google saw the DDoS attack against Github and GreatFire
The recent DDoS attacks aimed at GreatFire, a website that exposes China’s internet censorship efforts and helps users get access to their mirror-sites, and GitHub, the …
German intelligence agency helped NSA spy on EU companies
Germany’s Federal Intelligence Service (BND) has been aiding the US NSA spy on European companies and politicians since 2008, possibly even earlier, Der Spiegel claims …
70 bad exit nodes used in attack against Tor-based SIGAINT
Darknet email service SIGAINT, which aims to provide email privacy to journalists, has been targeted by unknown attackers using at least 70 bad exit nodes, the service’s …
100,000 web shops open to compromise as attackers exploit Magento bug
A critical vulnerability found in Magento, the most popular content management system for e-commerce sites, is being exploited by hackers to get their hands on users’ …
Latest trends in the ransomware business
“Cybercrooks wielding ransomware might prefer getting paid in Bitcoin, but the crypto currency is just a way to obfuscate the real destination of the payment – as …
WordPress issues critical security release
WordPress users should update as soon as possible, as the latest release (4.1.2) plugs a critical cross-site scripting vulnerability that could allow anonymous users to …
Microsoft announces bug bounties for Spartan, Azure
As the official launch of Windows 10 approaches, Microsoft has launched a new bug bounty related to its Technical Preview version, and is asking bug hunters to analyze its new …
Hacktivists are targeting law enforcement personnel, warns FBI
The FBI has issued an alert for law enforcement personnel and public officials, warning them that they may be targeted by hacktivists.“Hacking collectives are effective …
Popular WordPress plugins vulnerable to XSS
At least 17 WordPress plugins – and likely even more of them – have been found vulnerable to cross-site scripting (XSS) flaws that could allow attackers to inject …
1,500 iOS apps sport flaw that allows interception of sensitive user data
A bug in an older version of AFNetworking, an open source library widely used for adding networking capabilities to iOS and OS X apps, can allow attackers to intercept and …
Apple’s fix didn’t close Rootpipe backdoor
When TrueSec researcher Emil Kvarnhammar discovered a privilege escalation bug affecting OS X that could allow attackers to gain complete control of the target’s Mac …
Featured news
Resources
Don't miss
- Popular code formatting sites are exposing credentials and other secrets
- Fake “Windows Update” screens fuels new wave of ClickFix attacks
- Microsoft cracks down on malicious meeting invites
- How an AI meltdown could reset enterprise expectations
- The breaches everyone gets hit by (and how to stop them)