Zeljka Zorz
Facebook offers bounties for user token bugs in third-party apps, websites
Facebook is expanding its bug bounty program to include vulnerabilities in third-party apps and websites that involve improper exposure of Facebook user access tokens. …
Improved features and security fixes in iOS 12, watchOS 5, tvOS 12, and Safari 12
Apple has released new versions of iOS, watchOS, tvOS and Safari and has plugged a number of security holes in each. iOS 12 iOS 12 comes with improved usability, stability, …
Data breaches make companies underperform the market in the long run
While the share prices of companies that experienced a sizeable/huge data breach suffer just a temporary hit, in the long term breached companies underperformed the market, an …
Preventing exfiltration of sensitive docs by flooding systems with hard-to-detect fakes
A group of researchers from Queen’s University (Canada) have proposed a new approach for keeping important documents safe: creating so many believable fakes that …
Tech support scammers leverage “evil cursor” technique to “lock” Chrome
Tech scammers are constantly coming up with new techniques to make users panic and seek their bogus services. The latest one, documented by Malwarebytes researchers, has been …
Magecart compromises Feedify to get to hundreds of e-commerce sites
Customer engagement service Feedify has been hit by Magecart attackers, who repeatedly modified a script that it serves to a few hundred websites to include payment card …
Scan reveals known open source vulnerabilities in popular Android apps
Widespread use of unpatched open source code in popular Android apps is causing significant security vulnerabilities, warns the non-profit American Consumer Institute Center …
September 2018 Patch Tuesday: Microsoft fixes actively exploited zero-day
Microsoft’s September 2018 Patch Tuesday has brought fixes for a little over 60 security vulnerabilities, 17 of which are critical and one is being actively exploited in …
Cybersecurity as catalyst for greater adoption of agile development
Agile development increases the output of software development projects by using a faster, more iterative engineering process. This pace also allows rapid course correction, …
Advantech WebAccess RCE flaw still exploitable, exploit code available
A vulnerability in Advantech WebAccess, a web browser-based software package for human-machine interfaces (HMI) and supervisory control and data acquisition (SCADA) systems, …
British Airways breach was effected by Magecart attackers
The British Airways breach was the work of a well-known criminal group dubbed Magecart, which managed to put payment card skimming code on the company’s website, says …
What can we do to reverse the cybersecurity skills shortage?
An ever widening cybersecurity skills gap is making comprehensive cyber security protection – based on a combination of the latest tools and internal expertise – …
Featured news
Resources
Don't miss
- Job-seeking devs targeted with fake CrowdStrike offer via email
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance
- The SBI fake banking app shows that SMS authentication has had its day
- Preventing the next ransomware attack with help from AI
- Banshee Stealer variant targets Russian-speaking macOS users