Zeljka Zorz
Google Chrome remote code execution flaw detailed, PoC released
Vulnerability broker Beyond Security has released details about and Proof of Concept code for a remote code execution bug affecting Google Chrome. “The [type confusion] …
EV ransomware is targeting WordPress sites
WordPress security outfit Wordfence has flagged several attempts by attackers to upload ransomware that provides them with the ability to encrypt a WordPress website’s files. …
DOJ wants to know who visited anti-Trump website
The US Department of Justice wants DreamHost to hand over IP addresses of some 1.3 million visitors to disruptj20.org, a website that helped organize political protests during …
AI is key to speeding up threat detection and response
Time is the most important factor in detecting network breaches and, consequently, in containing cyber incidents and mitigating the cost of a breach. “Security event …
Enterprise security culture: Why you need it, and how to create it
Security awareness is a term that most information security professionals are familiar with – security culture a little less so. “Security awareness training is …
Google wants iOS Gmail users to think twice about following suspicious links
Google has announced the rollout of new anti-phishing checks for the iOS Gmail app: in less than two weeks, all users will be confronted with two warnings if they attempt to …
Researchers pull off DNA-based malicious code injection attack
Researchers have demonstrated that it’s possible to create synthetic DNA strands containing malicious computer code that, if sequenced and analyzed, could compromise a …
Stealthy Mughthesec Mac adware exposed: What it does, how to protect yourself
Mac malware is still a rare occurrence, so it’s no wonder that some of it can lurk, unnoticed for months, on random machines. The latest example falls more in the …
PACER vulnerability allowed hackers to access legal docs while sticking others with the bill
A CSRF flaw that made it possible for attackers to access court documents on the PACER system while making legitimate users pay for it has finally been plugged. What is PACER? …
The untapped potential of machine learning for detecting fraud
E-commerce fraud protection company Signifyd has recently signed up behavioral analytics expert Long-Ji Lin to fill the position of Chief Scientist. “For advertisers, …
How a port misconfiguration exposed critical infrastructure data
Much has already been said and written about the dangers of potential cyber attacks targeting the electric/power grid. And in Ukraine, they’ve already gone from …
FBI unmasks Tor-using suspected sextortionist
A California man that stands accused of sextortion, producing child pornography, and threats of mass violence has been identified by the FBI through the use of a so-called …
Featured news
Resources
Don't miss
- Why we must go beyond tooling and CVEs to illuminate security blind spots
- Making security and development co-owners of DevSecOps
- Review: Passwork 7.0, self-hosted password manager for business
- What a mature OT security program looks like in practice
- Machine unlearning gets a practical privacy upgrade