Zeljka Zorz
AKBuilder: A builder for exploit-laden Word documents
One doesn’t have to be a great coder to become a successful cybercriminal, as underground markets are filled with offerings that automate one or another step of an …
Tens of thousands WordPress sites defaced, SEO spam to follow
Attackers are actively exploiting the recently patched unauthenticated privilege escalation vulnerability in WordPress’ REST API to deface websites. Sucuri, the company …
Why you need a tailored application security program
For companies that provide applications to their customers, keeping those applications secure is a must. Setting up an application security program is the next logical step, …
Your web browsing history can be linked to your social media accounts
Your web browsing history contains enough information for third parties to be able to link it to your social media profile (Twitter, Facebook, Reddit), Stanford and Princeton …
Vizio smart TVs spied on millions of users without their consent
American company Vizio has decided to settle charges that it installed software on its smart TVs that collected viewing data of some 11 million users without their knowledge …
Review: The Internet of Risky Things
About the author Professor Sean Smith is the Principal Investigator of the Dartmouth Trust Lab and Director of Dartmouth’s Institute for Security, Technology, and …
Anti-piracy tech firm Denuvo inadvertently leaks sensitive info
Denuvo Software Solutions has suffered an embarrassing and potentially damaging information leak. Denuvo is an Austrian company well known for its anti-tamper technology and …
Google is winding up Gmail support for older Chrome versions
Chrome users that, for whatever reason, can’t or don’t want to update to the latest version of the browser will soon start seeing warnings when they access Gmail. …
Exploit for Windows DoS zero-day published, patch out on Tuesday?
A zero-day bug affecting Windows 10, 8.1, Windows Server 2012 and 2016 can be exploited to crash a vulnerable system and possibly even to compromise it. The bug It is a memory …
Scammers are blending W-2 phishing with wire fraud
During last year’s run-up to the US Tax Day, scammers mercilessly targeted companies’ payroll and human resources professionals, tricking them into handing over …
Uncloaking Tor Browser users with DRM-protected files
Digital Rights Management (DRM)-protected media files can be used to reveal Tor Browser users’ actual IP address and therefore possibly reveal their identity, …
Egyptian civil society NGOs targeted with sophisticated phishing
In the last few months, a number of Egyptian civil society organizations, lawyers, journalists, and independent activists have been targeted with personalized and generic …
Featured news
Resources
Don't miss
- Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them?
- New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344)
- Webinar: Amplifying SIEM with AI-driven NDR for IT/OT convergence
- How CISOs can elevate cybersecurity in boardroom discussions
- A humble proposal: The InfoSec CIA triad should be expanded