Zeljka Zorz
MacOS malware used to spy on home users in the US
A new variant of the macOS malware Fruitfly has been found by security researcher Patrick Wardle on some 400 machines of (mostly) home users located in the US. Fruitfly: The …
Google Groups misconfiguration leads to sensitive data leaks
If your employees are using Google Groups to discuss issues and ideas, you might want to check whether the sharing setting for these groups is set to “Private”. …
Google Play Protect scans for malicious apps
By now, many Android users that have the Google Play Store app on their devices should be able to find Google Play Protect in it. What is Google Play Protect? Google Play …
Addressing the deficit in cyber security workforce and national policy
Whether they like it or not, in this day and age nearly all organizations have to think about their cybersecurity posture and find a way to minimize cybersecurity risk. But …
Surprisingly stealthy botnet has been targeting users for years
ESET researchers have unearthed a botnet of some 500,000 infected machines engaged mostly in ad-related fraud by using malicious Chrome extensions, but also Facebook fraud and …
Dark web Hansa Market shut down after being run for a month by law enforcement
Just a few short weeks after dark web market Alpha Bay was shut down, Hansa Market is now also shuttered. After Alpha Bay’s shutdown, many users flocked to Hansa Market, …
Apple patches critical Broadpwn vulnerability in its various OSes
Apple has released security updates for iOS, macOS (Sierra, El Capitan, and Yosemite), Safari, iCloud, iTunes, watchOS and tvOS. As per usual, the same fixed Webkit flaws …
Creating the security operations center of the future with Siemplify
Security operations teams are engaged in a constant struggle to keep up with the volume of security alerts, maintain the right skills, and manage incident response processes. …
Hacker grabs $30 million in ether through Parity multisig wallet flaw
Another day, another cryptocurrency heist: this time, the attacker has stolen some $30 million in ether (ETH – value token of the Ethereum blockchain) from a number of …
Exploitable gSOAP flaw exposes thousands of IoT devices to attack
Researchers have unearthed a serious vulnerability in gSOAP, an open source, third-party code library used by thousands of IoT by many different manufacturers. Senrio Labs …
Google introduces new protections to prevent app-based account compromise
Google has implemented new protections that should considerably reduce the risk of potentially malicious apps gaining control of users’ Google account. There can be no …
Attackers are taking over NAS devices via SambaCry flaw
A Samba remote code execution flaw patched in May is being exploited to compromise IoT devices running on different architectures (MIPS, ARM, PowerPC, etc.), Trend Micro …
Featured news
Resources
Don't miss
- Avoiding vendor lock-in when using managed cloud security services
- The CISO’s dilemma of protecting the enterprise while driving innovation
- PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159)
- Account takeover detection: There’s no single tell
- Man vs. machine: Striking the perfect balance in threat intelligence