Zeljka Zorz
Security awareness is good, but good security culture is better
As an efficient mechanism to influence employee behavior, security culture is one of the most important, yet most overlooked, aspects of organizational security. “A …
If you downloaded HandBrake for Mac, you could be infected with Proton RAT
A mirror download server of HandBrake, a popular open source video conversion app for Mac, has been compromised, and the legitimate app .dmg file switched with a Trojanized …
Malware framework using legitimate utilities lobbed at government agencies
Bitdefender researchers have unearthed a previously unknown malware framework that, unlike those used by most APTs, contains many legitimate utilities. Dubbed Netrepser, the …
Turla gets ready to target Mac users
The cyber espionage group deploying the Turla (aka Snake, Uroburos, or Agent.BTZ) malware framework is expected to be able to target Mac users soon. The APT group The group, …
UK govt wants real-time communication surveillance powers, courtesy of telcos
A leaked draft of proposed regulations shows that the UK government is after greater communication surveillance powers, and that in order to get them, it will legally require …
Bondnet botnet goes after vulnerable Windows servers
A botnet consisting of some 2,000 compromised servers has been mining cryptocurrency for its master for several months now, “earning” him around $1,000 per day. …
Critical RCE flaw in ATM security software found
Researchers from Positive Technologies have unearthed a critical vulnerability (CVE-2017-6968) in Checker ATM Security by Spanish corporate group GMV Innovating Solutions. The …
WordPress admins, take note: RCE and password reset vulnerabilities revealed
Independent security researcher Dawid Golunski has released a proof-of-concept exploit code for an unauthenticated remote code execution vulnerability in WordPress 4.6 …
Attackers exploited SS7 flaws to empty Germans’ bank accounts
Cyber criminals have started exploiting a long-known security vulnerabilities in the SS7 protocols to bypass German banks’ two-factor authentication and drain their …
Hacking industrial robots in today’s smart factories
It has been estimated that by 2018, approximately 1.3 million industrial robot units – mechanical multi-axis “arms” used for automating various operations – will …
More and more apps equipped with ultrasonic tracking capability
Researchers have found 234 Android applications that are constantly listening for ultrasonic beacons in the background, allowing companies to track users’ current …
Super Free Music Player is the latest malware on Google Play
Another day, another piece of malware lurking on Google Play, masquerading as a free and helpful app. This time it’s called “Super Free Music Player” and is …