Zeljka Zorz
Bug in surveillance app opens Netgear NAS systems to compromise
A security vulnerability in the ReadyNAS Surveillance Application can be exploited by unauthenticated, remote attackers to gain root access to Netgear NAS systems, Sysdream …
Infosec pros point at problem with CVE system, offer alternative
For the last 17 years, the American not-for-profit MITRE Corporation has been editing and maintaining the list of Common Vulnerabilities and Exposures (CVEs). Researchers who …
New ways to fingerprint Tor Browser users discovered
Users who want to remain anonymous online often opt for using the Tor Browser, which hides their real IP address, but there are techniques that (more or less) malicious actors …
Critical bug in libotr could open users of ChatSecure, Adium, Pidgin to compromise
A vulnerability in “libotr,” the C code implementation of the Off-the-Record (OTR) protocol that is used in many secure instant messengers such as ChatSecure, …
Review: Breaking into Information Security
Breaking into Information Security is a practical guide for people outside and inside the information security industry. The former can find out how to put their foot in the …
Hacking Internet-connected trucks and buses
Among the things one can find with Shodan, the search engine for the Internet of Things, are trucks, buses and delivery vans that have been equipped with the Telematics …
KeRanger Mac ransomware is a rewrite of Linux Encoder
KeRanger, the recently discovered first functional Mac ransomware, is a copy of Linux Encoder, the crypto-ransomware first unearthed and analyzed in November 2015 by Dr. Web …
Dell open sources DCEPT, a honeypot tool for detecting network intrusions
Dell SecureWorks researchers have developed a tool that allows Windows system administrators to detect network intrusion attempts and pinpoint them to the original source …
Google plugs 19 holes in newest Android security update
In the March 2016 security update for the Android Open Source Project (AOSP), Google has fixed 19 security issues, seven of which are considered to be critical. Among these, …
Google open sources vendor security review tool
Google has open sourced its Vendor Security Assessment Questionnaire (VSAQ) Framework with the hope that other companies and developers could use it to improve their vendor …
Phishers successfully tricking payroll pros into sharing employee data
In February, the US Internal Revenue Service (IRS) issued a warning about a 400 percent surge in tax related phishing and malware incidents. The alert said that the most …
Hack a mobile phone’s fingerprint sensor in 15 minutes
Two researchers from Michigan State University’s biometrics group have devised a method for hacking mobile phone’s fingerprint authentication by using just a color …
Featured news
Sponsored
Don't miss
- Update: Worldwide IT outage due to buggy Crowdstrike sensor configuration update
- Faulty CrowdStrike update takes out Windows machines worldwide
- GenAI network acceleration requires prior WAN optimization
- Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991)
- eBook: How CISSP turns career goals into reality