Zeljka Zorz
Kaspersky Safe Browser iOS app sports MITM SSL certificate bug
Security researcher David Coomber has unearthed a vulnerability (CVE-2016-6231) in the Kaspersky Safe Browser iOS app that effectively contradicts its name. As it turns out, …
QRLJacking: A new attack vector for hijacking online accounts
We all know that scanning random QR codes is a risky proposition, but a newly detailed social engineering attack vector dubbed QRLJacking adds another risk layer to their use. …
Innovative techniques allow malvertising campaigns to run for years
A threat actor dubbed AdGholas has been mounting successful malvertising campaigns by using innovative targeting and obfuscation techniques, and has been infecting thousands …
Intel Crosswalk bug invalidates SSL protection
A bug in the Intel Crosswalk Project library for cross-platform mobile development can open users to man-in-the-middle attacks, researchers from Nightwatch Cybersecurity have …
SpyNote Android RAT builder has been leaked
A builder for the capable SpyNote Android RAT is being freely distributed on several underground hacker forums. SpyNote is capable of viewing messages on the infected device, …
Investigating the supply on 17 underground hacker markets
Have you ever wondered what kind of malicious offerings can be found on dark web “hacker markets,” who sells them and how widely they are available? Three …
Media-stealing Android app targets developers
Symantec researchers have unearthed another app on Google Play that secretly steals photos and videos from victims’ mobile devices. But the curious thing is that it’s …
How Google protects the Android kernel, and future plans
On Wednesday, Jeff Vander Stoep of Google’s Android Security team took to the official Android Developers blog and shared some information about the defenses they have …
Obama defines how the US government will respond to cyber incidents
US president Barack Obama approved on Tuesday the Presidential Policy Directive on United States Cyber Incident Coordination (PPD-41). What’s the PPD-41 all about? …
Osram’s intelligent home lighting system is riddled with flaws
“Intelligent” home lighting system Osram Lightify sports a number of security vulnerabilities, some of which could lead to compromise of the product and the …
LastPass zero-day can lead to account compromise
A zero-day flaw in the popular password manager LastPass can be triggered by users visiting a malicious site, allowing attackers to compromise the users’s account and …
Low-cost wireless keyboards open to keystroke sniffing and injection attacks
Bastille Networks researcher Marc Newlin has discovered a set of security vulnerabilities in low-cost wireless keyboards that could be exploited to collect all passwords, …
Featured news
Resources
Don't miss
- Man vs. machine: Striking the perfect balance in threat intelligence
- Misconfig Mapper: Open-source tool to uncover security misconfigurations
- Why AI deployment requires a new level of governance
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests