Zeljka Zorz
IT service providers, many other orgs targeted in long-standing attack campaign
US-CERT has released an alert warning about a sophisticated attack campaign using multiple malware implants and targeting organizations in the IT, Energy, Healthcare and …
Will fileless malware push the antivirus industry into oblivion?
The death of antivirus has been prophesied for years now, but the AV industry is still alive and kicking. SentinelOne, though, believes that in-memory resident attacks, i.e. …
How to securely deploy medical devices within a healthcare facility
The risks insecure medical devices pose to patient safety are no longer just theoretical, and compromised electronic health records may haunt patients forever. A surgical …
How secure are mobile banking apps?
Do banking institutions have a good handle on the things they need to remediate and new control layers they need to adopt to keep users secure? To answer those questions, …
Executive spotlight: iovation’s new Vice President of Product
Last week iovation announced that Dwayne Melancon was leaving Tripwire after 17 years and joining the company as the new Vice President of Product, so we decided to get in …
Hackers explain how they “owned” FlexiSpy
How did the hackers that go by the name Decepticons breach stalkerware manufacturer FlexiSpy? According to information purportedly provided by the attackers themselves, it …
Script for remote DoublePulsar backdoor removal available
NSA’s DoublePulsar backdoor can now be remotely uninstalled from any infected Windows machine, thanks to the updated detection script provided by security firm Countercept. …
Former Expedia IT support worker gets prison time for hacking execs’ emails, insider trading
A IT support technician formerly employed at Expedia offices in San Francisco was sentenced to 15 months in prison for securities fraud, plus three years supervised release. …
Lure10: Exploiting Wi-Fi Sense to MITM wireless Windows devices
Karma has long been a staple man-in-the-middle attack used in authorised wireless security assessments and unsanctioned ones, but as many modern operating systems now provide …
Ashley Madison users blackmailed again
Criminals are still trying to shake down users of the Ashley Madison dating/cheating online service. As you might remember, the service was hacked in 2015, and the attackers …
SquirrelMail opens users to remote code execution
Users of open source webmail software SquirrelMail are open to remote code execution due to a bug (CVE-2017-7692) discovered independently by two researchers. “If the …
BrickerBot bricked 2 million IoT devices, its author claims
The author of BrickerBot, which “bricks” IoT devices by rewriting the flash storage space and wiping files, has emerged to explain that the malware first attempts …
Featured news
Resources
Don't miss
- Hottest cybersecurity open-source tools of the month: November 2025
- Gainsight breach: Salesforce details attack window, issues investigation guidance
- New “HashJack” attack can hijack AI browsers and assistants
- Heineken CISO champions a new risk mindset to unlock innovation
- Small language models step into the fight against phishing sites