Zeljka Zorz
Severe flaws patched in libarchive, dependent projects urged to follow
Three severe bugs that could be easily exploited to perform arbitrary code execution have been patched with version 3.2.1 of the libarchive open source multi-format archive …
ApocalypseVM ransomware decrypter released
AV company Emsisoft has added yet another ransomware decrypter tool to its stable: a decrypter for ApocalypseVM. The tool works on the latest versions of the ransomware in …
Tech support scammers impersonate victims’ ISP
Tech support scammers have switched from cold calls to pop-ups ambushing users online, seemingly coming from the victims’ ISP. In the US and Canada, Verizon, AT&T …
Google’s new authentication option: a tap on the screen
Google knowns that usability is a pre-requisite for security, so they’ve come up (yet again) with a new option within the 2-step verification feature for Google …
Unsecured security cameras lead to privacy erosion
The results of a recent analysis of some 6,000 open security cameras across the United States has shown that 15 percent of them are located in users’ private homes. Open …
Blackphone users get a virtual privacy assistant
Silent Circle has pushed out a new version of Silent OS, the operating system running on Blackphone 2 devices, and it comes with several privacy and security enhancements, …
Poorly crafted LogMeIn password reset email looks phishy, but isn’t
LogMeIn has been sending out password reset emails to some of its customers, to prevent account hijacking fuelled by the recent spate of massive login credential leaks. …
Botnet-powered account takeover campaign hit unnamed bank
A single attacker has mounted two massive account takeover (ATO) campaigns against a financial institution and an entertainment company earlier this year, and used a gigantic …
There’s no virus in the iTunes database – it’s a phish!
A new phishing campaign aimed at Apple users has been spotted by security researcher Bryan Campbell. It takes the form of a fake email supposedly sent by Apple Service, …
Tor Project tests new tool for foiling deanonymization attacks
Upcoming hardened releases of the Tor Browser will use a new technique aimed at preventing deanonymization efforts by anyone who might want to mount them. Created by a group …
Bloatware-be-gone refresh tool added to Windows 10
In the latest test build of Windows 10 Anniversary Update released last week, Microsoft has introduced a tool that allows users to get rid of bloatware and crapware with one …
GoToMyPC remote desktop service resets all passwords in wake of attack
GoToMyPC, a remote computer administration service offered by Citrix, has forced a password reset for all customers in the wake of what they call a “very sophisticated …
Featured news
Resources
Don't miss
- Balancing usability and security in the fight against identity-based attacks
- MSSqlPwner: Open-source tool for pentesting MSSQL servers
- Critical SimpleHelp vulnerabilities fixed, update your server instances!
- Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them?
- New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344)