Zeljka Zorz
Most Magento shops get compromised via vulnerable extensions
Vulnerable third party extensions (modules) are now the main source of Magento hacks, says security researcher and Magento forensics investigator Willem de Groot. “The …
Researchers reveal new privacy attack against 3G, 4G, and 5G mobile users
5G cellular mobile communications, when implemented, are expected to provide high bandwidth, low latency, energy savings, better connectivity, but security and privacy must …
New Mac malware steals cookies, cryptocurrency and computing power
A new piece of Mac malware is looking to steal both the targets’ computing power and their cryptocurrency stash, Palo Alto Networks researchers warn. About the …
Google also abused its Apple developer certificate to collect iOS user data
It turns out that Google, like Facebook, abused its Apple Enterprise Developer Certificate to distribute a data collection app to iOS users, in direct contravention of …
Microsoft rolls out new tools for enterprise security and compliance teams
Microsoft has announced a number of new capabilities and improvements for tools used by enterprise administrators. New Microsoft 365 security and compliance centers The new …
Facebook to shut down iOS app that allowed for near total data access
When Apple banned its Onavo VPN app from its App Store last summer, Facebook took repackaged the app, named it “Facebook Research” and offered it for download through three …
Mozilla releases anti tracking policy, enhances tracking protection in Firefox 65
Mozilla has released Firefox 65, which includes enhanced, configurable protection against online tracking. The organization has also published an official anti tracking policy …
Critical FaceTime bug turns iPhones, Macs into eavesdropping tools
A shocking and easily exploitable FaceTime bug allows people to listen in on other users of Apple devices by simply calling them through the service. The bug apparently …
Emotet: A veritable Swiss Army knife of malicious capabilities
Formerly just a banking Trojan, Emotet is now one of the most dangerous and multifaceted malware out there. According to Malwarebytes, it and Trickbot are part of the reason …
Facebook plans to integrate WhatsApp, Messenger and Instagram
The New York Times offers the option but is not on by default, and Instagram offers none. “This move could be potentially be good or bad for security/privacy. But given …
Vulnerable cloud infrastructure experiencing increasing attacks
Attackers are increasingly targeting vulnerable cloud infrastructure to exploit it for covert cryptojacking or to deliver ransomware, Securonix researchers warn. Some attacks …
PHP PEAR supply chain attack: Backdoor added to installer
Some additional details have emerged about the recent security breach involving the PHP PEAR (PHP Extension and Application Repository) webserver, but much is still unknown. …
Featured news
Resources
Don't miss
- Job-seeking devs targeted with fake CrowdStrike offer via email
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance
- The SBI fake banking app shows that SMS authentication has had its day
- Preventing the next ransomware attack with help from AI
- Banshee Stealer variant targets Russian-speaking macOS users