Zeljka Zorz
Most unpatched Joomla sites compromised in latest wave of attacks
If you run a Joomla-based website and you haven’t implemented the latest security release of the CMS, your site has been almost surely compromised. According to Sucuri …
Australian blood donors’ info found leaking from insecure server
Personal information of some 550,000 Australian blood donors has been sitting exposed on a web developer’s server and has been downloaded by a person who effectively …
New code injection attack works on all Windows versions
Researchers from security outfit enSilo have uncovered a new code injection technique that can be leveraged against all Windows versions without triggering current security …
Phishers are impersonating major UK banks on Twitter
Customers of UK banks are being targeted by phishers impersonating the banks’ customer support account on Twitter, Proofpoint warns. The phishers usually choose a …
Icarus takes control of drones by impersonating their operators
Researcher Jonathan Andersson, a member of Trend Micro’s TippingPoint DVLabs, has demonstrated how a specialized hardware module dubbed Icarus can be used to hijack a …
Dyn DDoS attack post-mortem: Users inadvertently helped
As StarHub, one of the three major telcos in Singapore, confirmed that they were the latest victim of “intentional and likely malicious distributed denial-of-service …
Malicious JPEGs can compromise your iPhone
A vulnerability in the iOS CoreGraphics component allows attackers to compromise iDevices by tricking victims into viewing a maliciously crafted JPEG file. The good news is …
Dyn DDoS attack: The aftermath
On October 21, New Hampshire-based Internet performance management company Dyn suffered the largest DDoS attack ever to be registered. The attacks – there were three, in …
IPVanish VPN unveils new app, security improvements
US-based IPVanish VPN, whose VPN network spans 40,000+ IPs on 500+ servers in 60+ countries, has recently pushed out a major new edition of its app. The new version (v3.0) has …
Major US DNS provider hit with DDoS, part of the Internet becomes unreachable
US-based DNS provider Dyn has suffered a massive DDoS attack earlier today, and it resulted in many websites being completely or intermittently inaccessible for a few hours. …
Dirty COW Linux kernel zero-day exploited in the wild is now patched
Linux developer Phil Oester has spotted attackers exploiting a Linux kernel zero-day privilege escalation flaw that dates back to 2007, and has raised the alarm. The …
43+ million users affected by confirmed Weebly breach
Weebly, a popular web-hosting service featuring a drag-and-drop website builder, has been breached, and email addresses/usernames, IP addresses and encrypted passwords for …