Zeljka Zorz
Unpatched OpenSSL holes found on Siemens ICSs
A number of Siemens industrial products have been found sporting four vulnerabilities in their OpenSSL implementation, which could lead to man-in-the-middle (MitM) attacks or …
Mayhem malware ropes Linux, UNIX servers into botnets
A new malware that researchers have dubbed Mayhem is being used to target Linux and Unix web servers and has so far compromised over 1,400 Linux and FreeBSD servers around the …
Fake Flash Player steals credit card information
A new trojan that’s after credit card details is targeting Android users, warn antivirus experts from Dr. Web. The malware is currently targeting Russian users, but it …
Government-grade malware used for ransomware attacks
It was only a matter of time until cyber criminals got their hands on a piece of government-made malware and repurposed it for their own criminal needs. Sentinel Labs …
vBulletin releases patches for critical SQL injection flaw
The vBulletin team has issued emergency patches for the critical SQL injection vulnerability responsibly reported by the Romanian Security Team. The flaw affects vBulletin …
Botnets gain 18 infected systems per second
“According to industry estimates, botnets have caused over $9 billion in losses to US victims and over $110 billion in losses globally. Approximately 500 million …
Cisco fixes critical flaw in modems and wireless gateways
Cisco has fixed a critical vulnerability affecting a number of its wireless residential gateways and cable modems, and is urging users to check whether their service providers …
vBulletin vulnerable to SQL injection
A Romanian hacking community has discovered and responsibly reported a critical SQL injection vulnerability found in the latest version (5.1.2) of the popular web forum …
UK data watchdog suffered data security breach
A data breach can really happen to anyone – just ask the UK’s Information Commissioner’s Office (ICO). Buried in the recently made public 2013-2014 Annual …
Selectively re-using bad passwords is not a bad idea, researchers say
For all the repeated advice to use different, complex password for each online account, users are still opting for easy-to-guess, short ones and use them repeatedly across …
Researcher launches SSL Blacklist
Roman Hussy, the Swiss security activist behind Abuse.ch, has started another project: the SSL Blacklist (SSLBL). Known for the trackers that keep tabs on command and control …
Google goes to war against zero-days
Google has announced the launch of Project Zero, a dedicated internal team that will concentrate on finding zero-day vulnerabilities in Google’s and third-party software …
Featured news
Resources
Don't miss
- Unpatched Windows Server vulnerability allows full domain compromise
- Signal blocks Microsoft Recall from screenshotting conversations
- The hidden gaps in your asset inventory, and how to close them
- CTM360 report: Ransomware exploits trust more than tech
- Lumma Stealer Malware-as-a-Service operation disrupted