Zeljka Zorz
Helping researchers with IoT firmware vulnerability discovery
John Toterhi, a security researcher with IoT security company Finite State, believes that many of the security problems plaguing IoT devices are solvable problems through …
November 2018 Patch Tuesday: Microsoft fixes 63 flaws, one actively exploited zero-day
As part of the November 2018 Patch Tuesday, Microsoft has released 62 security patches and several advisories. There are 12 critical vulnerabilities among those patched this …
BEC scammers stole €19m from film company Pathé
The Dutch branch of the French film production and distribution company Pathé has lost over 19 million euros to BEC scammers, Dutch News reported. The scam Information about …
Cybersecurity and ethical data management: Getting it right
Data can provide information, information can lead to insight and knowledge, and knowledge is power. It’s no wonder, then, that seemingly everybody in this modern, …
1 in 5 merchants compromised by Magecart get reinfected
The Magecart threat looms large for online retailers and their customers, as the criminal groups that have been assigned this collective name are constantly trying out new …
Chrome will start warning users about shady mobile subscription pages
Google has announced that, starting from Chrome 71, users will be explicitly warned when attempting to visit pages that try to trick them into signing up for mobile-based …
How email fraud tactics continue to find new life
Almost as soon as email became widely used, crooks and scammers began using it as a means to defraud people. In today’s world, malicious fake emails continue to be a …
VirtualBox Guest-to-Host escape 0day and exploit released online
Independent vulnerability researcher Sergey Zelenyuk has made public a zero-day vulnerability he discovered in VirtualBox, the popular open source virtualization software …
Attackers breached Statcounter to steal cryptocurrency from gate.io users
Web analytics company Statcounter and cryptocurrency exchange gate.io have been compromised in another supply-chain attack, which resulted in an unknown number of gate.io …
How task management and easy collaboration can help your security team
Many individuals struggle with organizing their day-to-day work. In instances where they are expected to perform many disparate tasks, disorganization could end up being fatal …
Self-encrypting SSDs vulnerable to encryption bypass attacks
Researchers have discovered security holes in the hardware encryption implementation of several solid state disks (SSDs) manufactured by Crucial (owned by Micron) and Samsung, …
Apache Struts 2.3.x vulnerable to two year old RCE flaw
The Apache Software Foundation is urging users that run Apache Struts 2.3.x to update the Commons FileUpload library to close a serious vulnerability that could be exploited …