Zeljka Zorz
Popular WordPress plugin opens backdoor, steals user credentials
If you are one of the 10,000+ users of the Custom Content Type Manager (CCTM) WordPress plugin, consider your site to be compromised and proceed to clean your installation up, …
OS X ransomware found bundled with legitimate software
Palo Alto researchers have discovered the first fully functional ransomware aimed at Mac users. The malware, dubbed KeRanger, has been found on Friday (March 4), bundled into …
Dwolla fined $100,000 for deceiving customers about data safety
Online payment platform Dwolla has been ordered by the Consumer Financial Protection Bureau (CFPB) to pay a $100,000 fine for deceiving consumers about its data security …
Cerber ransomware talks to its victims
A new crypto ransomware, dubbed Cerber by its creators, has recently started targeting Windows users. The malware is relatively new, and its delivery method is still unknown, …
Mozilla blocks popular Firefox add-on due to security issues
Mozilla has put the YouTube Unblocker add-on on its “blocklist”, as it has been discovered that it was changing users’ security settings and covertly …
Researcher demonstrates hijacking of police drone
A security researcher has demonstrated to the RSA Conference crowd how he – or anyone, for that matter – can take over control of a drone used by the Dutch police …
Cisco removes weak default static credentials from its switches
Cisco has released on Wednesday a bucketload of software updates for a wide variety of its products, fixing vulnerabilities of different types and severity. But one is deemed …
Sea pirates and cyber attacks: Information security breaches in the maritime industry
The Maritime Trade Information Sharing Center, Gulf of Guinea (MTISC-GoG) has denied that it has suffered a data breach that could result in sea pirates knowing details about …
Review: Becoming a Global Chief Security Executive Officer
“If protecting a business were as simple as deploying technologies such as firewalls, intrusion detection systems, and secured development life cycle processes, or …
Which passwords to avoid for Internet-facing systems?
For the last year or so, Rapid7 has been collecting login credentials via “Heisenberg,” a network of low-interaction honeypots that the company has set up to analyze login …
Hack the Pentagon: Hackers asked to help secure public-facing systems
The US Department of Defense (DoD) has invited hackers participate in “Hack the Pentagon”, a program aimed at finding vulnerabilities in some of the …
Weak default credentials, command injection bug found in building operation software
A vulnerability in servers programmed with Schneider Electric’s StruxureWare Building Operation software can be exploited by a low-skilled, remote attacker to gain access to …
Featured news
Sponsored
Don't miss
- Update: Worldwide IT outage due to buggy Crowdstrike sensor configuration update
- Faulty CrowdStrike update takes out Windows machines worldwide
- GenAI network acceleration requires prior WAN optimization
- Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991)
- eBook: How CISSP turns career goals into reality