Zeljka Zorz
What healthcare CISOs should know
“Are we more secure today than yesterday?” is the question every healthcare organization needs to asks itself every day. in order to develop a more effective security posture, …
Spectacular phishing attack pushes Google to improve defenses
The most recent Google-themed phishing attack shouldn’t have come as a surprise, but it did – and has affected around a million Gmail users. As Google succinctly …
Security awareness is good, but good security culture is better
As an efficient mechanism to influence employee behavior, security culture is one of the most important, yet most overlooked, aspects of organizational security. “A …
If you downloaded HandBrake for Mac, you could be infected with Proton RAT
A mirror download server of HandBrake, a popular open source video conversion app for Mac, has been compromised, and the legitimate app .dmg file switched with a Trojanized …
Malware framework using legitimate utilities lobbed at government agencies
Bitdefender researchers have unearthed a previously unknown malware framework that, unlike those used by most APTs, contains many legitimate utilities. Dubbed Netrepser, the …
Turla gets ready to target Mac users
The cyber espionage group deploying the Turla (aka Snake, Uroburos, or Agent.BTZ) malware framework is expected to be able to target Mac users soon. The APT group The group, …
UK govt wants real-time communication surveillance powers, courtesy of telcos
A leaked draft of proposed regulations shows that the UK government is after greater communication surveillance powers, and that in order to get them, it will legally require …
Bondnet botnet goes after vulnerable Windows servers
A botnet consisting of some 2,000 compromised servers has been mining cryptocurrency for its master for several months now, “earning” him around $1,000 per day. …
Critical RCE flaw in ATM security software found
Researchers from Positive Technologies have unearthed a critical vulnerability (CVE-2017-6968) in Checker ATM Security by Spanish corporate group GMV Innovating Solutions. The …
WordPress admins, take note: RCE and password reset vulnerabilities revealed
Independent security researcher Dawid Golunski has released a proof-of-concept exploit code for an unauthenticated remote code execution vulnerability in WordPress 4.6 …
Attackers exploited SS7 flaws to empty Germans’ bank accounts
Cyber criminals have started exploiting a long-known security vulnerabilities in the SS7 protocols to bypass German banks’ two-factor authentication and drain their …
Hacking industrial robots in today’s smart factories
It has been estimated that by 2018, approximately 1.3 million industrial robot units – mechanical multi-axis “arms” used for automating various operations – will …
Featured news
Resources
Don't miss
- How CISOs can elevate cybersecurity in boardroom discussions
- A humble proposal: The InfoSec CIA triad should be expanded
- Rsync vulnerabilities allow remote code execution on servers, patch quickly!
- Contextal Platform: Open-source threat detection and intelligence
- Using cognitive diversity for stronger, smarter cyber defense