Zeljka Zorz
Flaw in GoPro update mechanism reveals users’ Wi-Fi passwords
A vulnerability in the update mechanism for the wireless networks operated by GoPro cameras has allowed a security researcher to easily harvest over a 1,000 login credentials …
D-Link fixes critical router flaws
D-Link has released new firmware for its DIR-820L Wi-Fi dual band cloud router, which fixes a number of security vulnerabilities. One of these can apparently be exploited by …
Signal 2.0: Cross-platform encrypted voice and text communication app
Open Whisper Systems has released a new version of Signal, its free, open source iOS app for end-to-end encrypted voice calls. As announced in July last year, when the first …
Phishers target victims of iOS device theft
A clever phishing scheme has been spotted targeting users who have had their iPad or iPhone stolen, leading researchers to believe that it has been set up by a criminal group …
Uber’s on a hunt for the attacker that compromised its drivers’ database
Late last week, Uber’s Managing Counsel of Data Privacy Katherine Tassi has revealed that the company has suffered a data breach. One of its databases, which contains …
0-day flaw in Seagate NAS devices endangers thousands
Seagate’s Business Storage 2-Bay NAS line of products, which is popular both with home and business users, sports a zero-day remote code execution vulnerability that can …
Beware of malicious LogMeIn Pro Payment emails
A fake LogMeIn-themed email has been hitting inboxes of users around the world, trying to trick them into believing that they have somehow paid nearly a thousand dollars for a …
Netflix phishing website targeting European users
A fake website simulating that of popular Internet video streaming Netflix has been set up to harvest European users’ personal and payment card information, warns …
Compromised cPanel “Account Suspended” pages redirect to exploit kit
All Internet users have, at least once in their lives, seen the following “Account Suspended” page: That’s because it’s part and parcel of cPanel, one …
Cyber attackers like to impersonate IT workers
Mandiant, the (apparent) go-to firm for the forensic investigation of high-profile breaches, has released its annual M-Trends report (registration required), which shows that …
Real MITM attacks enabled by Komodia’s software might have already happened
When the issue of Lenovo’s pre-installed SSL-breaking Superfish adware first gained widespread media recognition, the company’s CTO Peter Hortensius tried to do …
Cisco, Apple, Citrix products no longer welcome on Chinese government systems
A slew of US tech companies have been dropped from China’s Ministry of Finance’s approved government procurement list, including Apple, McAfee, Citrix Systems and …
Featured news
Resources
Don't miss
- Inside Microsoft’s veteran-to-tech workforce pipeline
- Brakeman: Open-source vulnerability scanner for Ruby on Rails applications
- Incident response lessons learned the hard way
- Okta users under attack: Modern phishing kits are turbocharging vishing attacks
- One-time SMS links that never expire can expose personal data for years