Zeljka Zorz
After extensive testing, Google introduces the Titan Security Key
Google recently shared that since it made employees use physical security keys instead of passwords and one-time codes, none of them – and there are over 85,000 – …
Securing healthcare organizations: The challenges CISOs face
Healthcare organizations are ideal targets for criminals looking to steal personal and other sensitive information, as the industry is lagging behind when it comes to …
ZDI offers hefty bounties for zero-days in popular web servers, CMSes
The Trend Micro-backed Zero Day Initiative is asking bug hunters to look for zero-day RCE vulnerabilities in several open source server-side products and is ready to pay up to …
Major websites still fail to steer users towards better passwords
The death of passwords is predicted with regular frequency, but we’re still to see it actually happen. It’s possible that it will happen one day but, in the …
Bluetooth vulnerability allows snooping of traffic between paired devices
Researchers Eli Biham and Lior Neumann have discovered a vulnerability in two Bluetooth features that could be exploited by attackers to gain a man-in-the-middle position and …
Chrome starts marking all HTTP sites as “Not secure”
If you’re using Google Chrome and you suddenly start seeing sites you usually visit labeled as “Not secure”, it’s because Google wants to push site …
Hackers stole personal, medication data of a quarter of Singaporeans
Hackers have breached Singapore’s health service and have stolen personal information of some 1.5 million patients. They have also compromised outpatient medication data …
Vulnerability research and responsible disclosure: Advice from an industry veteran
“Everything changes once you have to supervise and mentor and schedule and coordinate and keep in mind all the things others don’t. You often have to hold back your own …
Diffy: A triage tool for cloud-centric incident response
The Netflix Security Intelligence and Response Team (SIRT) has released Diffy, an open source triage tool that allows digital forensics and incident response teams to quickly …
Cisco plugs serious flaws in Policy Suite, SD-WAN, and Nexus switches
Cisco has issued another batch of fixes, plugging a number of critical and high severity holes in its Policy Suite, SD-WAN, and Nexus products. Cisco Policy Suite Users of the …
BEC scams and real estate deals: How to protect yourself?
Despite constant warnings by law enforcement and industry organizations, BEC scammers continue to fleece companies. They target small, medium, and large business and personal …
Microsoft offers bug bounties for holes in its identity services
Microsoft is asking security researchers to look for and report technical vulnerabilities affecting its identity services and OpenID standards implementations, and is offering …
Featured news
Resources
Don't miss
- Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812)
- Where policy meets profit: Navigating the new frontier of defense tech startups
- Four arrested in connection with M&S, Co-op ransomware attacks
- Ruckus network management solutions riddled with unpatched vulnerabilities
- What EU’s PQC roadmap means on the ground