Zeljka Zorz
0patch releases micropatch for Windows Task Scheduler zero-day
Earlier this week a security researcher that goes by “SandboxEscaper” published details and a PoC exploit for a zero-day local privilege escalation vulnerability …
How lucrative is web-based cryptojacking?
1 out of 500 of the one million most visited websites according to Alexa contains a web-based cryptominer that starts mining as soon as the website has been opened in the …
Wireshark can be crashed via malicious packet trace files
The Wireshark team has plugged three serious vulnerabilities that could allow an unauthenticated, remote attacker to crash vulnerable installations. According to Cisco …
EU telecoms suffered 169 major security incidents in 2017
ENISA, EU’s agency for network and information security, has released a report on major telecom security incidents that occurred in the EU in 2017. About the report …
Yahoo woos advertisers with email scanning for targeted ad delivery
While most tech companies that offer free email services are moving away from email scanning as a source of information for advertisers to target users more efficiently, Oath …
Air Canada confirms mobile app data breach, passport numbers were accessed
Air Canada has suffered a data breach and is forcing a password reset on all 1.7 million users of its mobile app, though apparently only 20,000 of the mobile app accounts were …
Old “Misfortune Cookie” flaw opens medical gateway and devices to attack
A vulnerability in Qualcomm Life Capsule Datacaptor Terminal Server (DTS) can be easily exploited to allow attackers to execute unauthorized code to obtain administrator-level …
WhatsApp warns that Google Drive backups are not encrypted
Facebook-owned WhatsApp has recently announced that, starting on November 12, 2018, Android users will be able to store their WhatsApp backups on Google Drive without the …
Half of Alexa Top 1 Million sites now use HTTPS
Slowly but surely, the Internet is on its way to being 100% encrypted. According Scott Helme’s latest analysis of the one million most visited websites according to …
How to remove personal data from connected cars
“Your car is a computer that stores a lot of information about you. When you sell or donate your car, that personal data might be accessible to the next owner if you …
Windows zero-day flaw and PoC unveiled via Twitter
A Windows zero-day local privilege escalation flaw and a Proof-of-Concept exploit for it have been revealed on Monday by someone who goes by SandboxEscaper on Twitter. The …
Listening-Watch: Strong, low-effort, wearable 2FA scheme
Passwords are still the preferred online authentication method because they are easy to use, but they are increasingly not enough to keep our accounts secure. To mitigate the …