Zeljka Zorz
Beware of browser hijacker that comes bundled with legitimate software
Lavians, a “small software vendor team,” is packaging its offerings with a variant of browser-hijacking malware Bing.vc. The company sells and offers for free …
USBFILTER: Packet-level firewall for blocking USB-based threats
The problem of planted malicious USB devices is compounded by the fact that, no matter what, users will rarely stop to think and ultimately choose not to insert them because …
Ransomware/RAT combo searches for solvent businesses
The latest version of the Shade ransomware comes with a stealthy remote access Trojan, likely used to better gauge the amount of money the criminals can demand from the …
How the EFF was pushed to rethink its Secure Messaging Scorecard
As good as the idea behind Electronic Frontier Foundation’s Secure Messaging Scorecard is, its initial version left much to be desired. The idea was to provide a …
Hundreds of millions of cars can be easily unlocked by attackers
Security researchers have come up with a way to unlock cars manufactured by vendors around the world, and are set to present their findings on Friday at the Usenix security …
Review: Cyber Guerilla
About the authors Jelle Van Haaster is an officer in the Royal Netherlands Army and has a background in legal, military, and technical defense matters. Rickey Gevers is …
Over 300 new cyber threats pop up on underground markets each week
Approximately 305 new cyber threats are added each week on cybercrime markets and forums, mostly located on the dark web. The threats include information on newly developed …
There’s a way to use encrypted data without knowing what it holds
Microsoft researchers have devised a way for third parties to make use the vast amount of encrypted data stored in the cloud by companies and individuals, without them …
Dota 2 Dev forum breached, nearly 2 million users affected
A hacker has breached the official Dota 2 Dev forum and made off with the entire forum database, which contains email addresses, usernames, IP addresses, and salted password …
Top-level cyber espionage group uncovered after years of stealthy attacks
Symantec and Kaspersky Lab researchers have uncovered another espionage group that is likely backed by a nation-state. The former have dubbed the threat actor Strider, wile …
Oracle-owned MICROS PoS systems vendor breached
MICROS, the point-of-sale payment systems vendor owned by Oracle, has suffered a data breach, and there are indicators that point to the infamous Carbanak (aka Anunak) …
Malware hidden in digitally signed executables can bypass AV protection
Researchers have shown that it’s possible to hide malicious code in digitally signed executables without invalidating the certificate, and execute this code – all …
Featured news
Resources
Don't miss
- Balancing usability and security in the fight against identity-based attacks
- MSSqlPwner: Open-source tool for pentesting MSSQL servers
- Critical SimpleHelp vulnerabilities fixed, update your server instances!
- Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them?
- New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344)