Zeljka Zorz
Card skimming malware found on thousands of Magento-based sites
A card skimming operation has compromised 7,339 Magento-based online stores, allowing the attackers to quietly slurp payment card info as it’s being entered by …
Chrome 69 is out, includes many functional and security changes
Ten years ago Google released the first iteration of its Chrome browser. On Tuesday, the company pushed out version 69. It comes with a number of design and functional …
There are no real shortcuts to most security problems
For Xerox Chief Information Security Officer Dr. Alissa Johnson, human ingenuity, partnerships and automation are the answer to most security problems the company has …
Access misconfiguration opens 3D printers to remote attacks
Spurred by a report coming from a regular reader, SANS ISC handlers Richard Porter and Xavier Mertens searched for OctoPrint interfaces for 3D printers exposed online and …
Phillips plugs security flaws in e-Alert tool
Dutch tech company Phillips has fixed several serious security flaws in Philips e-Alert, a tool that helps magnetic resonance imaging (MRI) systems work as intended. About …
0patch releases micropatch for Windows Task Scheduler zero-day
Earlier this week a security researcher that goes by “SandboxEscaper” published details and a PoC exploit for a zero-day local privilege escalation vulnerability …
How lucrative is web-based cryptojacking?
1 out of 500 of the one million most visited websites according to Alexa contains a web-based cryptominer that starts mining as soon as the website has been opened in the …
Wireshark can be crashed via malicious packet trace files
The Wireshark team has plugged three serious vulnerabilities that could allow an unauthenticated, remote attacker to crash vulnerable installations. According to Cisco …
EU telecoms suffered 169 major security incidents in 2017
ENISA, EU’s agency for network and information security, has released a report on major telecom security incidents that occurred in the EU in 2017. About the report …
Yahoo woos advertisers with email scanning for targeted ad delivery
While most tech companies that offer free email services are moving away from email scanning as a source of information for advertisers to target users more efficiently, Oath …
Air Canada confirms mobile app data breach, passport numbers were accessed
Air Canada has suffered a data breach and is forcing a password reset on all 1.7 million users of its mobile app, though apparently only 20,000 of the mobile app accounts were …
Old “Misfortune Cookie” flaw opens medical gateway and devices to attack
A vulnerability in Qualcomm Life Capsule Datacaptor Terminal Server (DTS) can be easily exploited to allow attackers to execute unauthorized code to obtain administrator-level …
Featured news
Sponsored
Don't miss
- GenAI network acceleration requires prior WAN optimization
- Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991)
- eBook: How CISSP turns career goals into reality
- FIN7 sells improved EDR killer tool
- Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419)