Zeljka Zorz
How programmers can be tricked into running bad code
Are programming language package managers vulnerable to typosquatting attacks? And can these attacks result in software developers running potentially malicious code? The …
Russian hackers spied on US Democrats’ chats and emails for a year
Two separate hacker groups have breached the servers and compromised the computer network of the US Democratic National Committee (DNC), and have been reading emails, chats, …
Adobe Flash zero-day actively exploited in targeted attacks
A zero-day vulnerability affecting the latest version of Adobe Flash Player and all previous ones is being actively exploited in limited, targeted attacks, the company has …
Another “historic” hack and leak: 51 million iMesh accounts for sale
Email addresses and login credentials of some 51 million users of the recently defunct iMesh file sharing service are being sold online for 1 bitcoin. The seller is …
Vawtrak banking Trojan shifts to new targets
The Vawtrak banking Trojan (aka Snifula) is slowly but surely becoming a serious threat. With version 2, the malware has acquired the capability to target even more users, a …
Review: DevOpsSec
About the author Jim Bird, CTO of a major US-based institutional alternative trading system, has more than 20 years of experience in financial services technology, including …
Netgear removes crypto keys hard-coded in routers
Qualys security researcher Mandar Jadhav has discovered two serious vulnerabilities in Netgear D6000 and D3600 modem routers, which can be exploited to gain access to the …
Ransomware targets Android smart TVs
If you own a Sharp and Philips smart TV running the Android TV OS, you should know that it could be hit by FLocker, a device-locking ransomware that targets both …
Can SourceForge win developers’ trust back?
SourceForge is under new ownership and management (again!), and their plan is to return the service to its former glory. The past Once the preferred source code repository and …
Let’s Encrypt CA inadvertently leaks users’ email addresses
Let’s Encrypt, the non-profit Certificate Authority (CA) that helps website administrators switch from HTTP to HTTPS quickly and effortlessly, has accidentally leaked …
Crysis ransomware fills vacuum left by TeslaCrypt
TeslaCrypt has reached the end of the road, and other ransomware is ready to fill the vacuum left behind it. A relative newcomer to the market, Crysis ransomware is already …
Mozilla will fund code audits for open source software
The Mozilla Foundation has set up the Secure Open Source (SOS) Fund, whose aim is to help open source software projects get rid their code of vulnerabilities. “The Fund …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility