Zeljka Zorz
Juniper fixes 30+ vulnerabilities in its routing, switching devices
Juniper Networks has issued fixes for over thirty vulnerabilities affecting its routing, switching and security products running Junos OS. Critical issues fixed CVE-2018-0044 …
Magecart hacks Shopper Approved to simultaneously hit many e-commerce sites
The cybercriminal groups under the Magecart umbrella strike again and again, and one of them has apparently specialized in compromising third parties to more easily get in as …
October 2018 Patch Tuesday: Microsoft fixes 49 flaws, one APT-wielded zero-day
With the October 2018 Patch Tuesday release Microsoft has fixed 49 vulnerabilities, 12 of which are rated “critical.” Previously known flaws and an actively …
9 million Xiongmai cameras, DVRs wide open to attack
SEC Consult researchers have issued a warning about a handful of critical vulnerabilities they discovered in video surveillance equipment by Chinese manufacturer Hangzhou …
Apple fixes iOS 12 passcode bypass vulnerabilities
Apple has released security updates to address a number of vulnerabilities in iCloud for Windows and iOS, some of which can be exploited by attackers to take control of an …
The end of Google+: Low usage and an API bug that exposed user data
Google has announced that it will be closing down the consumer version of Google+, its failed answer to Facebook, and is introducing more granular Google Account permissions, …
Most hosting providers take too long to remove malware distribution sites
How long does it take web hosting providers to remove malware distribution sites parked on their network? Roman Hussy, the Swiss security activist behind abuse.ch, says that, …
MikroTik routers with default credentials can be easily compromised
If you own a MikroTik router and you haven’t updated its RouterOS in the last month, you should do so now: Tenable Research has released details about four …
New IoT legislation bans shared default passwords
In an attempt to make it harder for bots to take over the myriad of connected devices sold in California, the state legislators have pushed through and California Governor …
China allegedly infiltrated US companies through implanted hardware backdoors
Many US companies, including Amazon and Apple, have been the victims of a clever supply chain attack that resulted in compromised hardware (servers) being installed at some of …
Jigsaw releases Intra, an Android app that encrypts DNS queries to thwart online censorship
Alphabet subsidiary and tech incubator Jigsaw, which concentrates on creating solutions for “the toughest geopolitical challenges,” has released Intra, an Android …
APTs are targeting IT service providers
Managed service providers (MSPs) and cloud service providers (CSPs) are under attack by advanced persistent threat (APT) groups, the U.S. Department of Homeland Security …
Featured news
Resources
Don't miss
- Job-seeking devs targeted with fake CrowdStrike offer via email
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance
- The SBI fake banking app shows that SMS authentication has had its day
- Preventing the next ransomware attack with help from AI
- Banshee Stealer variant targets Russian-speaking macOS users