Zeljka Zorz
Establishing covert communication channels by abusing GSM AT commands
Security research often starts as a hobby project, and Alfonso Muñoz’s and Jorge Cuadrado’s probe into mobile privacy is no exception. The duo, who’s …
Intel will not provide Spectre/Meltdown microcode updates for some processor families
Intel has decided not to provide microcode updates to plug Spectre and Meltdown vulnerabilities in a number of older processors. According to the last update (April 2, 2018) …
Critical vulnerability opens Cisco switches to remote attack
A critical vulnerability affecting many of Cisco’s networking devices could be exploited by unauthenticated, remote attackers to take over vulnerable devices or trigger …
Cloudflare launches privacy-protecting DNS service
If you’ve been offline during the weekend you might have missed Cloudflare announcing a new privacy-oriented consumer DNS service, hosted at the following IP addresses: …
How to close the security update gap
Security patching is hard and patch fatigue is real. So what can be done to make the process more simple, less disruptive, and more likely to be performed in a timely manner? …
Google to purge cryptomining extensions from Chrome Web Store
In a bid to prevent Chrome users’ computers being covertly used for cryptocurrency mining, Google will try to purge the Chrome Web Store of extensions that hijack …
Hackers steal payment card data of 5 million Saks, Lord & Taylor customers
Hackers have apparently managed to compromise the cash register systems at Saks Fifth Avenue and Lord & Taylor stores in the US and Canada, and have stolen payment card …
Nation-state hackers are attacking our trust in critical systems
In the last few years, the lines between cyber criminals and nation-states have become increasingly blurry and it has become obvious that the private sector is not capable of …
Apple puts privacy information screens in users’ line of sight
Apple has released the latest round of updates for its various products. They come with the usual security fixes, but also a new feature aimed at informing users about what …
Hacking intelligent buildings using KNX and Zigbee networks
A great many of us are living, staying or working in “smart” buildings, relying on automated processes to control things like heating, ventilation, air …
Do you have what it takes to withstand modern DDoS attacks?
As the latest record DDoS attack hit GitHub and threatened to overwhelm its edge network, the popular Git-repository hosting service quickly switched to routing the attack …
Netflix, Dropbox promise not to sue security researchers, with caveats
Netflix and Dropbox have both noted recently that they won’t sue security researchers who find and disclose vulnerabilities in their products. The only caveat is: the …
Don't miss
- This is the year CISOs unlock AI’s full potential
- How AI and ML are transforming digital banking security
- UK domain registry Nominet breached via Ivanti zero-day
- Attackers are encrypting AWS S3 data without using ransomware
- EU law enforcement training agency data breach: Data of 97,000 individuals compromised