Zeljka Zorz
Australia: Parliament passes anti-encryption bill
The Parliament of Australia has passed the Assistance and Access Bill 2018, which allows Australian authorities to pressure communication providers and tech companies into …
Old and new OpenSSH backdoors threaten Linux servers
OpenSSH, a suite of networking software that allows secure communications over an unsecured network, is the most common tool for system administrators to manage rented Linux …
Apple releases security updates for Macs, iDevices, AppleTV
Another month, another set of Apple security updates: if you’re using macOS, iOS, Shortcuts for iOS, tvOS, Safari, and iCloud and iTunes for Windows, it’s time to …
Adobe patches newly exploited Flash zero-day
Adobe has released an out-of-band security update for Flash Player that fixes two vulnerabilities, one of which is a zero-day (CVE-2018-15982) that has been spotted being …
Post-exploitation scanning tool scavenges for useful information
Philip Pieterse, Principal Consultant for Trustwave’s SpiderLabs, has demonstrated at Black Hat Arsenal Europe 2018 a new tool for penetration testers called Scavenger. …
Chrome 71 is out, with several security changes
Google has released Chrome 71 for Windows, Mac, Linux and Android. The newest version of the popular browser comes with 43 security fixes and many new features, including …
Critical Kubernetes privilege escalation flaw patched, update ASAP!
A critical privilege escalation vulnerability affecting the popular open source cluster management and container orchestration software Kubernetes has been patched on Monday. …
Quora data breach: 100 million users affected
Question-and-answer website Quora has suffered a data breach that may have affected approximately 100 million of its users. About Quora Quora was founded in June 2009 by …
Detecting malicious behavior blended with business-justified activity
With organizations moving to the cloud and remote workers becoming the rule rather than the exception, the definition of the network is changing. Add to this the increasing …
Adobe plugs critical RCE Flash Player flaw, update ASAP! Exploitation may be imminent
Adobe has released a Flash Player update that plugs a critical vulnerability (CVE-2018-15981) that could lead to remote code execution, and is urging users to implement it as …
Make-A-Wish website compromised to serve cryptojacking script
Visitors of the international website of the US-based non-profit Make-A-Wish Foundation have had their computing power misused to covertly mine cryptocurrency, Trustwave …
“Classic” bugs open TP-Link’s SafeStream Gigabit Broadband VPN Router to attack
Cisco Talos researchers have flagged four serious vulnerabilities in TP-Link’s SafeStream Gigabit Broadband VPN Router (TL-R600VPN). All four affect the device’s …
Featured news
Resources
Don't miss
- Job-seeking devs targeted with fake CrowdStrike offer via email
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance
- The SBI fake banking app shows that SMS authentication has had its day
- Preventing the next ransomware attack with help from AI
- Banshee Stealer variant targets Russian-speaking macOS users