Zeljka Zorz
Hackers hit VFEmail, wipe US servers and backups
Unknown attackers have breached the servers of VFEmail and have wiped disks on every one of its US-based servers, the email provider has confirmed. At this time, the attacker …
RunC container escape flaw enables root access to host system
A serious vulnerability in runC, a widely used CLI tool for spawning and running containers, could be exploited to compromise the runC host binary from inside a privileged …
OkCupid account hijackings highlight website account management issues
Users of popular dating site OkCupid have been complaining of hackers taking over their account, locking them out by changing the associated email address and password, and …
BEC-style attacks exploded in Q4 2018
Email remains the top vector for malware distribution and phishing, while BEC fraud continues to grow rapidly, Proofpoint warns in its Q4 2018 Threat Report. “The number …
Adiantum: A new encryption scheme for low-end Android devices
Google has created an alternative disk and file encryption mode for low-end Android devices that don’t have enough computation power to use the Advanced Encryption …
Apple fixes FaceTime eavesdropping bug, two iOS zero-days
Apple has pushed out critical security updates for iOS and macOS, which fix the “Facepalm” FaceTime eavesdropping bug but also two zero-day flaws that, according …
How today’s workforce stays secure and what apps it prefers
User-focused security apps KnowBe4, LastPass, and Proofpoint dominate the list of fastest growing apps within enterprises, according to Okta. “KnowBe4 in particular is …
8 months of GDPR: 59,000+ reported breaches, 91 fines
A little over eight months have passed since the EU General Data Protection Regulation (GDPR) became enforceable, but it’s becoming clear that sweeping data breaches …
Malicious macros can trigger RCE in LibreOffice, OpenOffice
Achieving remote code execution on systems running LibreOffice or Apache OpenOffice might be as easy as tricking users into opening a malicious ODT (OpenDocument) file and …
The problem with vulnerable IoT companion apps
There’s no shortage of exploitable security holes in widely used Internet of Things devices, so it shouldn’t come as a surprise that the communication between many …
Google’s new Chrome extension flags insecure passwords
As the number of compromised and leaked credentials rises inexorably with each passing day, Google has decided to help users choose safe combinations for all their online …
70 real-life hackers and cybersecurity practitioners share their personal insights
Entering the information security industry can be a formidable undertaking and renowned professionals often seem larger than life and unapproachable (even though most are on …
Featured news
Resources
Don't miss
- Job-seeking devs targeted with fake CrowdStrike offer via email
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance
- The SBI fake banking app shows that SMS authentication has had its day
- Preventing the next ransomware attack with help from AI
- Banshee Stealer variant targets Russian-speaking macOS users