Zeljka Zorz
Critical flaws in maritime comms system could endanger entire ships
IOActive security consultant Mario Ballano has discovered two critical cybersecurity vulnerabilities affecting Stratos Global’s AmosConnect communication shipboard platform. …
Offshore law firm Appleby confirms data breach
Appleby, a major offshore law firm based in Bermuda, has confirmed it has suffered a data security incident in 2016 that resulted in some of their data being compromised. …
Coinhive breached due to old, reused password
Coinhive has suffered another setback: their DNS records have been surreptitiously changed by attackers, allowing them to steal cryptocurrency mined via the project’s …
NotPetya successor Bad Rabbit hits orgs in Russia, Ukraine
Bad Rabbit ransomware, apparently modeled on NotPetya, has hit a number of organizations across Russia, Ukraine, and Eastern Europe on Tuesday. Russian security outfit …
Is the Windows 10 controlled folder access anti-ransomware feature any good?
With last week’s release of Windows 10 Fall Creators Update, users get a new feature aimed at stopping ransomware from encrypting their most important files. It’s …
Camera-based, single-step two-factor authentication resilient to pictionary, shoulder surfing attacks
A group of researchers from Florida International University and Bloomberg LP have created Pixie, a camera-based two-factor authentication system that could end up being a …
The impact of threat hunting on your security operations
The main goal of threat hunting is to find traces attackers have left behind in the organization’s IT environment. These traces can date back to already solved crises or …
Beware fake Android cryptocurrency trading apps on Google Play
Two phishing apps that were made to look like the official app of popular cryptocurrency exchange Poloniex have been booted off Google Play after ESET researchers notified …
MacOS Proton backdoor delivered via Trojanized media player app
A Trojanized version of Elmedia Player software for Mac was available for download for who knows how long from the developer’s official site, ESET researchers have …
EU MEPs want stronger privacy rules for Internet-enabled communication services
With 31 votes for, 24 against and one abstention, the European Parliament Committee on Civil Liberties, Justice and Home Affairs (LIBE) has backed new privacy protections for …
Google wants bug hunters to probe popular Android apps for bugs
Google has started another bug bounty initiative: the Google Play Security Reward Program. While the name of the program might suggest that bug hunters will be after …
Cisco plugs WPA2 holes, critical Cloud Services Platform flaw
Cisco has released updates to address vulnerabilities in a wide variety of its products. Among these are updates fixing the WPA2 vulnerabilities that can be exploited in the …
Don't miss
- Contextal Platform: Open-source threat detection and intelligence
- Using cognitive diversity for stronger, smarter cyber defense
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws
- Fortinet fixes FortiOS zero-day exploited by attackers for months (CVE-2024-55591)
- Malicious actors’ GenAI use has yet to match the hype