Zeljka Zorz
OpenEMR vulnerabilities put patients’ info, medical records at risk
A slew of vulnerabilities in OpenEMR allowed attackers to access random patients’ health records, view data from a target database, escalate their privileges on the …
Hashcat developer discovers simpler way to crack WPA2 wireless passwords
While looking for ways to attack the new WPA3 security standard, Hashcat developer Jens “Atom” Steube found a simpler way to capture and crack access credentials …
Android Pie: Security and privacy changes
It is official: “Android P” is Android Pie, and it comes with a variety of new capabilities and security and privacy changes. The newest version (9.0) of the …
Preventing IDN homograph attacks from harming your brand/reputation
Phishing is, by and large, the most often used attacker tactic to trick victims into sharing useful information such as login credentials. More often than not, that means …
The FBI warns about compromised IoT devices
The FBI is instructing users on how to recognize when their IoT devices have been compromised and advising them on how to keep them secure. “Compromised devices may be …
HP plugs critical RCE flaws in InkJet printers
HP has plugged two critical vulnerabilities (CVE-2018-5924, CVE-2018-5925) affecting many of its InkJet printers and is urging users to implement the provided firmware updates …
Intensifying DDoS attacks: Choosing your defensive strategy
One of the biggest misconception regarding DDoS attacks is that they are a once-in-a-lifetime event for organizations, says Josh Shaul, VP of Web Security at Akamai. …
Compromised MikroTik routers power extensive cryptojacking campaign
A massive cryptojacking campaign that relies on compromised MikroTik routers serves users with pages injected with the Coinhive mining script. It seems that the attacker …
Facebook CSO Alex Stamos leaves to join Stanford Uni
Facebook Chief Security Officer Alex Stamos has announced that he’s leaving the company on August 17 and will be joining Stanford University full-time as a teacher and …
Google to warn G Suite admins of government-backed attacks
Google started warning Gmail users of state-sponsored attacks in 2012 and now the option has been made available to G Suite admins. What is G Suite? G Suite (formerly Google …
Reddit suffers data breach despite using SMS-based 2FA
Popular social news aggregation and discussion website Reddit has suffered a breach. The attacker broke into some of its systems and got access to some user data, but did not …
How the SamSam attacker stole millions from US companies
There are many reasons that the SamSam ransomware has achieved widespread notoriety: it disrupted the operations of some of its victims to a point that the attack …