Zeljka Zorz
Intelligence data, security credentials found exposed in the Amazon cloud
A data cache containing highly sensitive US military data has inadvertently been exposed online, UpGuard cyber risk analyst Chris Vickery has discovered last week. After …
Hackers hosted tools on a Stanford University website for months
Compromising legitimate websites and the web servers that store and deliver them is a time-honoured tactic of opportunistic hackers, and a failure to keep them out can result …
Hackers blackmail patients of cosmetic surgery clinic
Hackers have been trying to blackmail patients of a Lithuanian plastic surgery clinic, by threatening to publish their nude “before and after” photos online. The …
Attacks within the Dark Web
For six months, Trend Micro researchers operated a honeypot setup simulating several underground services on the Dark Web. The goal of their research was to see if those …
What will it take to keep smart cities safe?
“Smart cities” use smart technologies in their critical infrastructure sectors: energy, transportation, environment, communications, and government. This includes …
8 RCE, DoS holes in Microsoft Malware Protection Engine plugged
After the discovery and the fixing of a “crazy bad” remote code execution flaw in the Microsoft Malware Protection Engine earlier this month, now comes another …
Vulnerability opens FreeRADIUS servers to unauthenticated attackers
A vulnerability in the free, open source FreeRADIUS server could be exploited by remote attackers to bypass authentication via PEAP or TTLS. There is currently no indication …
Healthcare industry continues to struggle with software security
67% of medical device manufacturers and 56% of healthcare delivery organizations (HDOs) believe an attack on a medical device built or in use by their organizations is likely …
Most people would pay a ransom to get their data back
The high-profile WannaCry attack was the first time that 57% of US consumers were exposed to how ransomware works, the results of a recent Carbon Black survey have revealed. …
New class of attacks affects all Android versions
Researchers have demonstrated how a malicious app with two specific permission can stealthily compromise users’ Android devices. “The possible attacks include …
Bogus anti-WannaCry apps cropping up on Google Play
While the world is still battling the WannaCry ransomworm menace, fraudsters have decided to exploit the threat’s visibility and users’ confusion to make them …
Critical Samba code execution hole plugged, patch ASAP!
The developers of Samba have plugged a critical remote code execution flaw that could allow a malicious client to upload a shared library to a writable share, and then cause …