Zeljka Zorz
Improve SecOps by making collaboration easier
There’s one word that we’ve consistently been hearing from information security pundits year after year: Collaboration. More often than not, they were talking …
Stingray use lacks transparency and meaningful oversight
Cell-site simulators – aka Stingrays, aka IMSI catchers – are widely used by US law enforcement, usually without a warrant that such type of surveillance should …
Man hacked, blackmailed gold bullion trading firm
25-year-old Adam Penny hacked the systems of an unnamed gold bullion trading firm, and used the stolen information about gold deliveries to intercept them before they are …
US 911 emergency system can be crippled by a mobile botnet
What would it take for attackers to significantly disrupt the 911 emergency system across the US? According to researchers from Ben-Gurion Univerisity of the Negev’s …
MySQL 0-day could lead to total system compromise
Researcher Dawid Golunski has discovered multiple severe vulnerabilities affecting the popular open source database MySQL and its forks (e.g. MariaDB, Percona). One of these …
Macro-based malware evolves to bypass traditional defenses
Macro-based malware is growing into full-featured malware capable of detecting and bypassing traditional security tools, Barkly researchers have discovered. Macro-based …
Compromised electronic health records may haunt you forever
A recent report on the Deep Web black market for electronic health records (EHRs) by researchers affiliated with the Institute for Critical Infrastructure Technology has …
Your Seagate Central NAS could be hosting mining malware
If you have discovered cryptocurrency mining malware on your system, have removed it, and got compromised again without an idea about how it happened, it could be that the …
The dangers of connecting phones to connected cars
As smart, connected cars get more ubiquitous, they are often the only option you get when renting a car from a rental agency. With all the reports about car hacking, you might …
Chrome will start labeling some HTTP sites as non-secure
Slowly but relentlessly, Google is pushing website owners to deploy HTTPS – or get left behind. The latest announced push is scheduled for January 2017, when Chrome 56 …
Stealing login credentials from locked computers in 30 seconds or less
Security researcher Rob Fuller has demonstrated a simple way for stealing login credentials from locked computers running Windows and Mac OS X. For the attack to work, …
Sophisticated Mokes backdoor targets Mac users
A new malware targeting Macs has been discovered: the Mokes backdoor. Capable of making screenshots, recording keystrokes, capturing audio, and rifling through Office …
Featured news
Resources
Don't miss
- Balancing usability and security in the fight against identity-based attacks
- MSSqlPwner: Open-source tool for pentesting MSSQL servers
- Critical SimpleHelp vulnerabilities fixed, update your server instances!
- Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them?
- New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344)