Zeljka Zorz
Exploit kits in 2015: What can we expect?
Since 2006, when the earliest exploit kit (WebAttacker) was made available in the crimeware market, these hack toolkits have become one of the preferred ways for cybercrooks …
Yahoo announces email encryption plugin, password-free logins
Yahoo email users will soon be able to encrypt the emails they send out by simply clicking on a button. In addition to this, users will be able to effectively forget their …
Students create open source, cross-platform memory scanning tool
Mozilla has unveiled the result of a successful project executed by a group of Computer Science students from Argentina: it’s called Masche, and it’s an open …
Facebook worm spreads by leveraging cloud services
Facebook users are in danger of having their computers turned in a bot by a worm that spreads via the social network. The worm, identified as belonging to the Kilim malware …
Critical hole in popular WordPress SEO plugin allows SQLi, site hijacking
Another highly popular WordPress plugin has been found sporting a cross-site request forgery flaw that can be exploited to mount a blind SQL injection attack, and could also …
Huge IT Slider WordPress plugin opens SQL injection hole
The 50,000+ active users of the Huge IT Slider WordPress plugin are advised to update to the latest version, as it closes a vulnerability that can be exploited by website …
New crypto-ransomware encrypts video games files
A new piece of ransomware that (mis)uses the Cryptolocker “brand” has been analyzed by Bromium researchers, and they discovered that aside from the usual …
CS:GO players targeted with phishing attempt, malware
Typosquatting is an effective means to trick users into believing they have landed on the legitimate site they wanted to visit, so it’s no wonder that it’s often …
Cyber crooks take advantage of ad bidding networks to deliver ransomware
Malware peddlers are taking advantage of real time advertising bidding networks to deliver ransomware to unsuspecting users, FireEye researchers are warning. “Real Time …
Analysis of Equation Group’s espionage platform discovers another link to the NSA
Kaspersky Lab researchers continue to analyze the software and digital artifacts tied to the Equation Group, a nation-state threat actor that has been active for almost twenty …
Microsoft patches flaw exploited by Stuxnet – again
Among the vulnerabilities patched by Microsoft in this month’s Patch Tuesday is one that was supposedly patched back in 2010. The Windows Shell Shortcut Icon Loading …
Flaw in Dropbox SDK for Android lets attackers steal data sent to users’ account
Researchers from IBM’s security team have discovered an authentication flaw in the Dropbox Software Development Kit (SDK) for Android that can be exploited to capture …
Featured news
Resources
Don't miss
- Popular code formatting sites are exposing credentials and other secrets
- Fake “Windows Update” screens fuels new wave of ClickFix attacks
- Microsoft cracks down on malicious meeting invites
- How an AI meltdown could reset enterprise expectations
- The breaches everyone gets hit by (and how to stop them)