Zeljka Zorz
Millions of WordPress websites in danger due to easily exploitable bug
A new WordPress version has been released, and you better update to it, as it patches a critical cross-site scripting flaw that can be exploited by attackers to compromise …
Hikvision DVRs sporting bugs that allow device hijacking
A while back, SANS ISC CTO Johannes Ullrich discovered that cybercrooks were targeting Hikvision Digital Video Recorders (DVRs) in order to infect them with bitcoin-mining …
IE “Unicorn” bug actively exploited in the wild
Last week, in its regular Patch Tuesday, Microsoft patched a number of serious vulnerabilities, including one that is nearly two decades old, dating back to Microsoft IE 3.0. …
Detekt government surveillance spyware on your computer
Amnesty International, Digitale Gesellschaft, the Electronic Frontier Foundation and Privacy International have partnered to create and release a free and open source tool for …
Windows Kerberos bug: How to detect signs of exploitation before the update?
Microsoft has shared more details about the critical elevation of privilege bug found in Microsoft Windows Kerberos Key Distribution Center (CVE-2014-6324) which is being …
New Citadel variant is after your master password
A good indication that the use of password managers has become a thing is the fact that cyber crooks are now trying to slurp up users’ master password for a number of …
Sophisticated Android-based botnet a danger to enterprise networks
A new, more sophisticated and more stealthy version of the NotCompatible Android Trojan continues to strengthen one of the most long-lived and advanced mobile botnets ever to …
Google open sources Firing Range, a test tool for web app security scanners
Google has open sourced another security tool: it’s called Firing Range, and it’s an effective testing ground for a variety of automated web application security …
New non-profit CA aims to make HTTPS use universal
To become ubiquitous, encryption must be easy to set up and easy to use, and that’s why the Electronic Frontier Foundation (EFF), Mozilla, Cisco, Akamai, IdenTrust, and …
Malware Domain Generating Algorithms are becoming more sophisticated
Malware cut off from its C&C servers is effectively useless to its masters, so they are continually trying to find new ways of maintaining that connection at all times. …
Open Whisper Systems helps WhatsApp achieve end-to-end encryption
The immensely popular Whatsapp instant messenger has the potential to become an even more attractive option for users, as the company has partnered with Open Whisper Systems …
Cisco open sources Big Data security analytics framework
“Technically advanced attackers often leave behind clue-based evidence of their activities, but uncovering them usually involves filtering through mountains of logs and …
Featured news
Resources
Don't miss
- Unpatched Windows Server vulnerability allows full domain compromise
- Signal blocks Microsoft Recall from screenshotting conversations
- The hidden gaps in your asset inventory, and how to close them
- CTM360 report: Ransomware exploits trust more than tech
- Lumma Stealer Malware-as-a-Service operation disrupted