Zeljka Zorz
Atlanta government systems hit by ransomware
The city of Atlanta has suffered a ransomware attack on Thursday, which resulted in outages of some of its customer facing applications, including some that customers may use …
Malware leverages web injects to empty users’ cryptocurrency accounts
Criminals trying to get their hands on victims’ cryptocurrency stashes are trying out various approaches. The latest one includes equipping malware with …
Flaws in ManageEngine apps opens enterprise systems to compromise
Researchers have discovered multiple severe vulnerabilities in ManageEngine’s line of tools for internal IT support teams, which are used by over half of Fortune 500 …
AMD confirms processor flaws found by CTS Labs, firmware fixes are coming
Chipmaker AMD has confirmed that the vulnerabilities discovered by CTS Labs researchers earlier this month do affect a variety of its products, and that firmware patches …
880,000 payment cards, user info hit in Orbitz data breach
Expedia subsidiary Orbitz has revealed that a legacy Orbitz travel booking platform had been compromised and personal user information and payment card data might have been …
Privilege escalation on Unix machines via plugins for text editors
Several of the most popular extensible text editors for Unix environments could be misused by attackers to escalate privileges on targeted systems, SafeBreach researchers have …
Cambridge Analytica and Facebook’s privacy storm: Latest developments
A day before the most recent exposé on Strategic Communication Laboratories (SCL)/Cambridge Analytica’s exploitation of user data syphoned out of Facebook to fuel …
New Intel processors to have hardware-based protections against Meltdown, Spectre 2
Intel has officially pushed out microcode updates with Spectre and Meltdown mitigations for all of the processors it launched in the past five years. In addition to this, the …
Former Equifax exec charged with insider trading after data breach
Jun Ying, a former Equifax executive, has been hit with criminal charges as well as SEC (Securities and Exchange Commission) charges for insider trading relating to his sales …
Microsoft kicks off bounty program for speculative execution bugs
Microsoft wants security researchers to search for and report speculative execution side channel vulnerabilities (a hardware vulnerability class that affects CPUs from …
Firefox news: Fresh releases, Firefox Quantum for Enterprise, privacy protections
Firefox 59 (for desktop and mobile) and Firefox ESR 52.7 have been released to the public. Privacy enhancements and security fixes The former sports some performance …
Dangerous CredSSP flaw opens door into corporate servers
A critical vulnerability in the Credential Security Support Provider protocol (CredSSP), introduced in Windows Vista and used in all Windows versions since then, can be …
Don't miss
- This is the year CISOs unlock AI’s full potential
- How AI and ML are transforming digital banking security
- UK domain registry Nominet breached via Ivanti zero-day
- Attackers are encrypting AWS S3 data without using ransomware
- EU law enforcement training agency data breach: Data of 97,000 individuals compromised