Zeljka Zorz
Google removes inline installation option for Chrome extensions
Google is shutting down an often used vector for delivering malicious Chrome extensions to users by removing the inline installation option. What will happen? The announcement …
US repeals net neutrality rules, what happens now?
Net neutrality rules have been officially repealed in the US on Monday, as the Restoring Internet Freedom Order by the Federal Communications Commission went into effect. The …
Fooling security tools into believing malicious code was signed by Apple
The way developers of third-party security tools use the Apple code signing API could be exploited by attackers to make malicious code linger undetected on Macs, a security …
VMware plugs RCE hole in remote management agent
VMware has fixed a critical remote code execution vulnerability in VMware AirWatch Agent for Android and Windows Mobile, and is urging users to upgrade to the newest versions …
French company fined 250,000 euros for a data leak
CNIL, the French data protection authority, has decided to impose a 250,000 euro fine on Optical Center, a French company selling eye and hearing aids, because it failed to …
Facebook confirms bug messed with 14 million users’ sharing settings
Facebook has admitted that, between May 18 and 27, posts by some 14 million users were automatically set to be shared with the public. “Every time you share something on …
Adobe releases fix for actively exploited Flash Player zero-day
If you’re still using Flash Player, it’s time to update it again – and quickly: Adobe has just patched a critical zero day vulnerability (CVE-2018-5002) …
Traffic manipulation and cryptocurrency mining campaign compromised 40,000+ machines
Unknown attackers have compromised 40,000+ servers, networking and IoT devices around the world and are using them to mine Monero and redirect traffic to websites hosting tech …
Vulnerable ship systems: Many left exposed to hacking
Pen Test Partners’ Ken Munro and his colleagues – some of which are former ship crew members who really understand bridge and propulsion systems – have been …
VPNFilter malware targets new devices, can deliver exploits to endpoints
Cisco Talos researchers have news about the VPNFilter malware, and it doesn’t look good: It is capable of compromising a much wider array of routers than previously …
Facebook gave user data access to Chinese mobile device makers, too
On Sunday, The New York Times revealed that Facebook has been providing mobile phone and tablet vendors access to user (and users’ friends’) data even though the …
MyHeritage suffers data breach, account details of 92+ million users compromised
Israel-based genealogy and DNA testing company MyHeritage has apparently suffered a data breach that resulted in the compromise of email addresses and hashed passwords of all …
Featured news
Resources
Don't miss
- GitHub CISO on security strategy and collaborating with the open-source community
- Chainsaw: Open-source tool for hunting through Windows forensic artefacts
- Time for a change: Elevating developers’ security skills
- Job-seeking devs targeted with fake CrowdStrike offer via email
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance