Zeljka Zorz
Spyware/adware combo masquerading as AnonyPlayer hits Android users
If you suddenly start seeing random advertisements popping up on your Android device, you have likely been infected with adware. But if you’re terribly unlucky, you …
Abysmal security practices by toy maker VTech result in massive data breach
Hong Kong-based electronic toy maker VTech has suffered a massive breach. The target was the Learning Lodge app store, from which registered users can download games, music, …
More than 900 embedded devices share hard-coded certs, SSH host keys
Embedded devices of some 50 manufacturers has been found sharing the same hard-coded X.509 certificates (for HTTPS) and SSH host keys, a fact that can be exploited by a …
MagSpoof: A device that spoofs credit cards, disables chip-and-PIN protection
Hacker and security researcher Samy Kamkar, who’s noted for being the author of the first Web 2.0 worm, creating zombie cookies, and USBdriveby, has now come out with a …
Amazon resets customers’ potentially compromised passwords
Has Amazon suffered a breach? We won’t know for sure until the company offers more information.So far, we known only what users affected by the data theft/leak incident …
Another root CA cert with key found on Dell’s machines
The main piece of news on Monday was that Dell’s desktop PCs and laptops shipped since August 2015 contain a root CA certificate (eDellRoot) complete with the private …
Vonteera adware blocks AVs, can install uninstallable Chrome extensions
The Vonteera adware family has been around for quite some time, but it is now slowly starting to cross the line between unwanted, potentially malicious software to outright …
Credential manager system used by Cisco, IBM, F5 has been breached
Pearson VUE, a provider of computer-based assessment testing for regulatory and certification boards, has announced that its Credential Manager system (PMC) has been …
Zero detection GlassRAT operated undetected for years
RSA Research has unearthed another Remote Access Tool/Trojan (RAT) used in cyber espionage campaigns. Dubbed GlassRAT, it has the usual capabilities of this type of malware: …
Dell shipped computers with root CA cert, private crypto key included
All desktop and laptops shipped by Dell since August 2015 contain a root CA certificate (eDellRoot) complete with the private cryptographic key for it, opening users to the …
Analytics services are tracking users via Chrome extensions
It’s quite possible that, despite your belief that the Google Chrome is the safest browser there is and your use of extensions that prevent tracking, your online …
How malware peddlers trick users into enabling Office macros
A week ago, SANS ISC handler and freelance security consultant Xavier Mertens analyzed a Word document containing malicious macros, and unearthed in it a VBA function that …
Featured news
Sponsored
Don't miss
- Cyber insurance 2.0: The systemic changes required for future security
- Update: Worldwide IT outage due to buggy Crowdstrike sensor configuration update
- Faulty CrowdStrike update takes out Windows machines worldwide
- GenAI network acceleration requires prior WAN optimization
- Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991)