Zeljka Zorz
December 2018 Patch Tuesday: Microsoft patches Windows zero-day exploited in the wild
It’s Patch Tuesday again and, as per usual, both Microsoft and Adobe have pushed out patches for widely-used software packages. The Microsoft patches Microsoft’s …
Securing and managing the enterprise Internet of Things
A future where the Internet of Things spreads exponentially is almost certain. Seemingly everybody wants these devices: consumers for the helpful features and manufacturers …
Android Trojan steals money from victims’ PayPal account
ESET researchers have unearthed a new Android Trojan that tricks users into logging into PayPal, then takes over and mimics the user’s clicks to send money to the attacker’s …
30% of healthcare databases are exposed online
Despite the fact that electronic health records (EHR) contain extremely sensitive information about individuals, it is shockingly easy for malicious actors to get their hands …
Another API bug spurs Google to ditch consumer Google+ sooner than planned
Google has unearthed another Google+ API bug, which prompted it to accelerate the sunsetting of all Google+APIs and that of the consumer version of Google+. The API bug The …
Supply chain compromise: Adding undetectable hardware Trojans to integrated circuits
Is it possible for attackers to equip integrated circuits with hardware Trojans that will not change the area or power consumption of the IC, making them thus indiscernible …
Mitigating the risk of Office 365 account hijacking
Office 365 – the online, subscription-based version of Microsoft’s Office application suite – is one the most widely used enterprise cloud applications/services, …
Australia: Parliament passes anti-encryption bill
The Parliament of Australia has passed the Assistance and Access Bill 2018, which allows Australian authorities to pressure communication providers and tech companies into …
Old and new OpenSSH backdoors threaten Linux servers
OpenSSH, a suite of networking software that allows secure communications over an unsecured network, is the most common tool for system administrators to manage rented Linux …
Apple releases security updates for Macs, iDevices, AppleTV
Another month, another set of Apple security updates: if you’re using macOS, iOS, Shortcuts for iOS, tvOS, Safari, and iCloud and iTunes for Windows, it’s time to …
Adobe patches newly exploited Flash zero-day
Adobe has released an out-of-band security update for Flash Player that fixes two vulnerabilities, one of which is a zero-day (CVE-2018-15982) that has been spotted being …
Post-exploitation scanning tool scavenges for useful information
Philip Pieterse, Principal Consultant for Trustwave’s SpiderLabs, has demonstrated at Black Hat Arsenal Europe 2018 a new tool for penetration testers called Scavenger. …
Featured news
Sponsored
Don't miss
- Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419)
- Fighting AI-powered synthetic ID fraud with AI
- Laying the groundwork for zero trust in the military
- Grype: Open-source vulnerability scanner for container images, filesystems
- Signatures should become cloud security history