Zeljka Zorz
Google releases details, PoC exploit code for IE, Edge flaw
As we’re impatiently waiting for Microsoft to patch vulnerabilities that were scheduled to be fixed in February, Google has released details about a serious …
Cyber extortionists hold MySQL databases for ransom
Ransomware has become cyber crooks’ favorite attack methodology for hitting businesses, but not all cyber extortion attempts are effected with this particular type of …
The failure of EU’s regulation on cyber-surveillance tech exports
When in April 2016 the Italian Ministry of Economical Progress revoked Hacking Team’s licence to export their Galileo remote control software outside of the EU, it …
Which countermeasures improve security and which are a waste of money?
If you want to know about which cyber defenses are most effective and which are a waste of money and resources, ask a hacker. And that’s just what Nuix researchers did. …
New attack sounds death knell for widely used SHA-1 crypto hash function
SHA-1 is definitely, provenly dead, as a group of researchers from CWI Institute in Amsterdam and Google have demonstrated the first practical technique for generating a …
Suspected Deutsche Telekom router hacker arrested
A 29-year-old British national, believed to be the mastermind behind last November’s unsuccessful hijacking attempt of Deutsche Telekom users’ routers, was …
Removing admin rights mitigates most critical Microsoft vulnerabilities
Avecto has analyzed the security bulletins Microsoft released in the past year, and came to an important conclusion: an overwhelming majority of all the critical Microsoft …
New macOS ransomware masquerades as software cracking tools
New crypto ransomware dubbed Filecoder (aka Findzip) is stalking macOS users, ESET researchers warn. Masquerading as an application for cracking/patching legal copies of Adobe …
Stethoscope spurs employees to implement better security practices
Every now and then, Netflix open sources some of the security tools created by its coders. The latest example of this is Stethoscope, a web application that collects …
Cyber crooks’ latest tricks for targeting Chrome users
Chrome users have lately been targeted with a few unusual malware delivery and scam attempts. The “font wasn’t found” trick The first one comes from compromised WordPress …
Microsoft pushes out patches for critical Flash Player vulnerabilities
Microsoft has skipped its February 2017 Patch Tuesday and postponed the release of those patches for March, but there are apparently security vulnerabilities that must be …
Detecting PLC malware in industrial control systems
How can attackers load programmable logic controllers (PLC) with destructive malware, and how can the operators of industrial control systems (ICS) detect it? According to a …