Zeljka Zorz
Update your ManageEngine Password Manager Pro ASAP!
Security researcher Sebastian Perez has revealed eight serious security vulnerabilities in ManageEngine Password Manager Pro (PMP), a password management software for …
Subgraph OS: Open source, hardened OS that prioritizes security and anonymity
Subgraph, an open source security company based in Montreal, has published the alpha release of Subgraph OS, which is designed to with security, anonymity AND usability in …
Why you should read the Oculus Terms of Service
Last Monday, the long-awaited Oculus Rift virtual reality headsets started being delivered to their buyers. Hopefully, the latter have read the Terms of Service that come with …
US passport and visa database open to intrusion?
The Consular Consolidated Database (CCD), which contains over 290 million passport-related records, 184 million visa records, and 25 million records on US citizens living …
PHP, Python still fail to spot revoked TLS certificates
In 2012, a group of researchers demonstrated that SSL certificate validation is broken in many applications and libraries, and pointed out the root causes for that situation: …
Has Reddit been served with a National Security Letter?
Reddit has published its 2015 Transparency Report, and there is one thing missing from it: the entire section about national security requests. The same report for 2014 …
Flaw in HID door controllers lets attackers unlock doors, deactivate alarms
Trend Micro researcher Ricky Lawshae has unearthed a critical vulnerability in HID’s VertX and Edge door controllers. Exploiting the flaw is easy, and could result in …
Samas ransomware enters hospitals through vulnerable servers
There’s hardly a day anymore that we don’t hear about a hospital being hit with ransomware. But while most have been infected via phishing emails carrying or …
Hackers breaching law firms for insider trading info
Two of the most prestigious law firms in the US, best known for their financial services and corporate practices, have had their computer networks compromised by hackers. …
Student bypasses Valve’s review process, publishes game on Steam
Sometimes the only way to get an organization to listen to you when it comes to existing vulnerabilities in their products is to exploit them yourself and make the proof of …
1,400+ vulnerabilities found in automated medical supply system
Security researchers have discovered 1,418 vulnerabilities in CareFusion’s Pyxis SupplyStation system – automated cabinets used to dispense medical supplies …
Carders use custom built POS malware to hit US retailers
Crypto-ransomware might be the most prominent type of malware these days, but that doesn’t mean that criminals have stopped using other kinds. According to FireEye …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility