Zeljka Zorz
UK govt wants IoT manufacturers to take responsability for security
The UK government aims to shift the burden of securing IoT devices away from consumers and put the onus of securing them squarely on the manufacturers. “Poorly secured …
Locked Windows machines can be compromised through Cortana
Compromising locked Windows computers that have the Cortana voice-activated virtual assistant enabled is relatively easy – or it was until Microsoft made a simple tweak. …
Exim vulnerability opens 400,000 servers to remote code execution
If you’re using the Exim mail transfer agent on your Internet-connected Unix-like systems and you haven’t yet upgraded to version 4.90.1, now is the time to do it …
Wire shares results of independent security audit of its secure messaging apps
When I last spoke to Alan Duric, co-founder and (at the time) CEO of the company developing secure messaging application Wire, he stressed the importance of independent and …
Criminals can build Web dossiers with data collected by browsers
Everybody knows by now that websites collect information about users’ location, visited pages, and other data that can help them improve or monetize the experience. But …
Cryptocurrency-stealing malware relies on victims copy-pasting wallet info
An unconventional email spam campaign has been delivering unusual cryptocurrency-stealing malware to American and Japanese users. The emails are sporting “Re: …
Backdooring connected cars for covert remote control
We’ve all known for a while now that the security of connected cars leaves a lot to be desired. The latest proof of that sad state of affairs comes from Argentinian …
New LTE attacks open users to eavesdropping, fake messages, location spoofing
A group of researchers has uncovered ten new attacks against the 4G LTE wireless data communications technology for mobile devices and data terminals. The attacks exploit …
Keeping on top of ICS-focused hacking groups, defenses
How many hacking groups are focusing on ICS systems? Dragos security researchers say at least five were active in 2017. “While only one has demonstrated an apparent …
Microsoft releases Spectre fixes for Windows 10 on Skylake CPUs
Microsoft has pushed out a new set of Spectre (variant 2) security updates. For the moment, these are just for some devices running on Skylake CPUs and Windows 10 Fall …
Hackers breached German government’s secure computer networks
The Russia-linked Sofacy hacking group has breached the secure computer networks of a number of German federal agencies. The group – also known as APT28, Fancy Bear, and …
Phillips clinical imaging solution plagued by vulnerabilities
Phillips is developing a software update to mitigate 35 CVE-numbered vulnerabilities in the Philips IntelliSpace Portal (ISP), a clinical imaging visualization and analysis …
Featured news
Resources
Don't miss
- Why we must go beyond tooling and CVEs to illuminate security blind spots
- Making security and development co-owners of DevSecOps
- Review: Passwork 7.0, self-hosted password manager for business
- What a mature OT security program looks like in practice
- Machine unlearning gets a practical privacy upgrade