Zeljka Zorz
Android camera apps could be hijacked to spy on users
A vulnerability in the Google Camera app may have allowed attackers to surreptitiously take pictures and record videos even if the phone is locked or the screen is off, …
Macy’s online store compromised in Magecart-style attack
The webshop of noted U.S. department store company Macy’s has been compromised and equipped with an information-stealing JavaScript, which ended up collecting …
WhatsApp RCE flaw can be exploited by sending malicious MP4 files
Facebook has patched a critical vulnerability (CVE-2019-11931) affecting various versions of its popular WhatsApp Messenger app and is urging users to update as soon as …
Most Americans feel powerless to prevent data collection, online tracking
Most U.S. adults say that the potential risks they face because of data collection by companies (81%) and the government (66%) outweigh the benefits, but most (>80%) feel that …
Hackers helping communities: Leveraging OSINT to find missing persons
People, in general, like helping other people, no matter their degree of connection. And then there are people who go even further: they find a way to help people help people. …
GitHub Security Lab aims to make open source software more secure
GitHub, the world’s largest open source code repository and leading software development platform, has launched GitHub Security Lab. “Our team will lead by …
Microsoft to honor California’s digital privacy law all through the U.S.
In the absence of a federal digital privacy law, Microsoft has decided to comply with the requirements of California’s Consumer Privacy Act (CCPA) throughout the U.S. The CCPA …
Intel releases updates to plug TPM-FAIL flaws, foil ZombieLoad v2 attacks
Intel’s Patch Tuesday releases are rarely so salient as those pushed out this month: the semiconductor chip manufacturer has patched a slew of high-profile …
November 2019 Patch Tuesday: Actively exploited IE zero-day fixed
November 2019 Patch Tuesday comes with patches for an IE zero-day exploited by attackers in the wild and four Hyper-V escapes. Microsoft updates Microsoft has delivered fixes …
Enterprise cybersecurity in the Asia-Pacific region
Almost one in five business organizations in the Asia-Pacific (APAC) region experienced more than six security breaches in the past two years, a new ESET enterprise …
Your supplier’s BEC problem is your BEC problem
Business email compromise (BEC) scams are a burgeoning threat for organizations and, despite rising awareness, new victims are cropping up daily. BEC scammers don’t care …
Cisco fixes small business routers, kills eavesdropping vulnerability in conferencing devices
Cisco has released security updates for a variety of its products – owners of Small Business RV Series Routers, Web Security Appliances and TelePresence devices should …