Zeljka Zorz
Client-Side Attacks and Defense
Whether it's security vulnerabilities in software used by millions of home users and employees, or the natural human tendency to trust what comes at us, but even the most …
Massive Chameleon botnet steals $6M per month from advertisers
Web traffic analytics firm spider.io has discovered a massive botnet that emulates human visitors in order to earn its master(s) over $6 million per month from online …
Malware pushers poison MSN Messenger search results
As the date when the MSN Messenger is scheduled to be phased out speedily approaches, it is getting harder to find an installer for it online, so malware peddlers gave rushed …
Internal name SSL certificates could be exploited for MitM atacks
The Certificate Authority practice of issuing “Internal Name” certificates for private domains which are currently non-resolvable by the Domain Name System could …
Security firm publishes details about Java issue, asks for second opinion
Making good on their promise, Security Exploration has published technical details about a Java issue that they consider to be a security vulnerability, but Oracle has …
Beware of fake Candy Crush apps on Google Play
Whenever a mobile game becomes hugely popular, it also becomes a great way for scammers and malware peddlers to lure users into unknowingly installing malicious apps on their …
Andrew Auernheimer gets prison sentence for AT&T iPad “hack”
Andrew “weev” Auernheimer, security researcher and member of Goatse Security, has been handed a 41-month-long prison sentence for harvesting and publishing emails …
Who is attacking industrial control systems?
Since the discovery of Stuxnet, industrial control systems (ICS) and supervisory control and data acquisition (SCADA) networks have received a fair share of attention from …
Massive casino scam pulled off via CCTV system compromise
A high-rolling player has been thrown out of a casino in Australia after having successful executed a scam that involved compromising of the gambling establishment’s …
Becoming a malware analyst
There are few jobs in this industry that seem as appealing and interesting to me as that of a malware analyst. In my mind, these professionals were waking up each day to …
“Confidential document on Google Docs” leads to account hijacking
A simple phishing scam aimed at harvesting users’ Google credentials is hitting inboxes around the world, warns Hoax-Slayer. “Please view the document i uploaded …
New ZeuS-based modular rootkit offered to cybercriminals
Given the popularity of the Zeus crimeware, and the fact that its source code has been ultimately offered for sale at bargain basement prices, it’s no wonder that every …
Featured news
Resources
Don't miss
- CISA: Recently fixed Chrome vulnerability exploited in the wild (CVE-2025-4664)
- Deepfake attacks could cost you more than money
- Coinbase suffers data breach, gets extorted (but won’t pay)
- Samsung patches MagicINFO 9 Server vulnerability exploited by attackers
- Building cybersecurity culture in science-driven organizations