Zeljka Zorz
Adobe launches bug disclosure program, skimps on bounties
Adobe has launched its own web application vulnerability disclosure program. Set up through the bug bounty platform HackerOne, the program is limited to vulnerabilities …
NLPRank: An innovative tool for blocking APT malicious domains
Security researchers working at OpenDNS’ Security Labs have developed NLPRank, a new system that helps detect – quickly and relatively accurately – phishing …
Anthem refuses comprehensive IT security audit after the breach
Recently breached US health insurer Anthem has refused to let The Office of Personnel Management’s Office of Inspector General (OIG) perform a full security audit of its …
Angler exploit kit and domain shadowing: A deadly combination
Attackers wielding the infamous Angler exploit kit are increasingly using hijacked registrant accounts to create huge amounts of subdomains for both redirecting victims and …
Mandarin Oriental suffers credit card breach
Mandarin Oriental, the hotel group managing luxury hotels and resorts in Asia, Europe, the US and Latin America, has confirmed that “the credit card systems in an …
Fake guides and cracked apps on Google Play Books lead to malware
Google has become pretty swift at finding and removing fake and malicious apps from its Google Play store, but there is one part of it where malware peddlers still seem to …
Banking Trojans target nearly 1,500 financial institutions
Nine of the most common and sophisticated financial Trojans in use are targeting 1,467 financial institutions in 86 countries, says a Symantec report compiled after the …
New PoS malware family discovered
A new family of PoS malware has been discovered and analyzed by Trend Micro researchers. They dubbed it PwnPOS, and believe that it has been in used since 2013, possibly even …
US air traffic control system is riddled with vulnerabilities
A recently released report by the US Government Accountability Office has revealed that despite some improvements, the Federal Aviation Administration (FAA) still needs to …
Beware of spyware concealed inside games
Monitoring tools can be used for legitimate and malicious purposes. The first category includes parental control and employee monitoring software, the second one screenshot …
FREAK bug breaks SSL encryption for Android and Apple devices
A flaw in OpenSSL and Apple’s Secure Transport implementation of SSL and TLS protocols is putting millions of Android and Apple device users as well as visitors of …
Flaw in GoPro update mechanism reveals users’ Wi-Fi passwords
A vulnerability in the update mechanism for the wireless networks operated by GoPro cameras has allowed a security researcher to easily harvest over a 1,000 login credentials …
Featured news
Resources
Don't miss
- Popular code formatting sites are exposing credentials and other secrets
- Fake “Windows Update” screens fuels new wave of ClickFix attacks
- Microsoft cracks down on malicious meeting invites
- How an AI meltdown could reset enterprise expectations
- The breaches everyone gets hit by (and how to stop them)