Zeljka Zorz
Major websites still fail to steer users towards better passwords
The death of passwords is predicted with regular frequency, but we’re still to see it actually happen. It’s possible that it will happen one day but, in the …
Bluetooth vulnerability allows snooping of traffic between paired devices
Researchers Eli Biham and Lior Neumann have discovered a vulnerability in two Bluetooth features that could be exploited by attackers to gain a man-in-the-middle position and …
Chrome starts marking all HTTP sites as “Not secure”
If you’re using Google Chrome and you suddenly start seeing sites you usually visit labeled as “Not secure”, it’s because Google wants to push site …
Hackers stole personal, medication data of a quarter of Singaporeans
Hackers have breached Singapore’s health service and have stolen personal information of some 1.5 million patients. They have also compromised outpatient medication data …
Vulnerability research and responsible disclosure: Advice from an industry veteran
“Everything changes once you have to supervise and mentor and schedule and coordinate and keep in mind all the things others don’t. You often have to hold back your own …
Diffy: A triage tool for cloud-centric incident response
The Netflix Security Intelligence and Response Team (SIRT) has released Diffy, an open source triage tool that allows digital forensics and incident response teams to quickly …
Cisco plugs serious flaws in Policy Suite, SD-WAN, and Nexus switches
Cisco has issued another batch of fixes, plugging a number of critical and high severity holes in its Policy Suite, SD-WAN, and Nexus products. Cisco Policy Suite Users of the …
BEC scams and real estate deals: How to protect yourself?
Despite constant warnings by law enforcement and industry organizations, BEC scammers continue to fleece companies. They target small, medium, and large business and personal …
Microsoft offers bug bounties for holes in its identity services
Microsoft is asking security researchers to look for and report technical vulnerabilities affecting its identity services and OpenID standards implementations, and is offering …
Microsoft tops list of brands impersonated by phishers
The number one brand spoofed by phishers in Q2 2018 in North America was Microsoft, says email security company Vade Secure. The company credits the surging of adoption of …
Do you have what it takes to become a Chief Scientist in the infosec industry?
Igor Baikalov, Chief Scientist at security analytics firm Securonix, is a trained scientist: he spent over 16 year working on various aspects of Structural Biology, developing …
GitHub adds Python support for security alerts
GitHub has announced that its recently introduced feature for alerting developers about known vulnerabilities in software packages that their projects depend on will now also …