Zeljka Zorz
Russian ransomware boss earns $90,000 per year
Despite too many users not even being aware of the existence of the ransomware threat, there is no doubt that it’s currently one of the most popular ways for cyber …
KeePass update check MitM flaw can lead to malicious downloads
Open source password manager KeePass sports a MitM vulnerability that could allow attackers to trick users into downloading malware disguised as a software update, security …
FBI warns about email extortion attempts following data breaches
FBI’s Internet Crime Complaint Center has issued a public service announcement warning users about email extortion attempts related to recent high-profile data thefts. …
Bug poachers target businesses, demand money for bug info
Businesses are being hit with an extortion attempt based on attackers penetrating their network or websites and stealing corporate or user data. The attackers don’t say …
Windows zero-day exploit offered for sale on underground market
Someone is selling an exploit for a Windows zero-day on an underground market for Russian-speaking cyber criminals, and the current price is set at $90,000. Trustwave …
Improving software security through a data-driven security model
The current software security models, policies, mechanisms, and means of assurance are a relic of the times when software began being developed, and have not evolved along …
Twitter paid out $322,420 in bug bounties
Researchers have proven that bug bounties are a cheaper way for discovering vulnerabilities than hiring full-time bug hunters would be and, in the last few years, many …
65 million Tumblr users’ email addresses, passwords sold on dark web
Email addresses and hashed and salted passwords of 65 million Tumblr users are being sold online by “peace_of_mind,” aka “Peace”, the individual that …
ICS-CERT warns about vulnerable SCADA system that can’t be updated
A web-based SCADA system deployed mainly in the US energy sector sports vulnerabilities that may allow attackers to perform configuration changes and administrative operations …
Faulty TLS implementation opens VISA sites, users to attack
A group of researchers has discovered 184 HTTPS servers that are wide open to attackers looking to inject seemingly valid content into encrypted sessions. Some of these …
ZCryptor ransomware spreads via removable drives
The newly spotted ZCryptor ransomware has also the ability to spread like a worm, Microsoft warns. Once it infects a system, it also copies itself on removable drives, in the …
DNS provider NS1 hit with multi-faceted DDoS attacks
Early last week, DNS and traffic management provider NS1 was hit with a series of DDoS attacks that lasted several days, and managed to impact DNS delivery in the European, …
Featured news
Sponsored
Don't miss
- Update: Worldwide IT outage due to buggy Crowdstrike sensor configuration update
- Faulty CrowdStrike update takes out Windows machines worldwide
- GenAI network acceleration requires prior WAN optimization
- Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991)
- eBook: How CISSP turns career goals into reality