Zeljka Zorz
Proxy authentication flaw can be exploited to crack HTTPS protection
Mistakes made in the implementation of proxy authentication in a variety of operating systems and applications have resulted in security vulnerabilities that allow MitM …
Attackers can hijack unencrypted web traffic of 80% of Android users
The recently revealed security bug (CVE-2016-5696) in the TCP implementation in the Linux kernel that could allow attackers to hijack unencrypted web traffic without an MitM …
Beware of browser hijacker that comes bundled with legitimate software
Lavians, a “small software vendor team,” is packaging its offerings with a variant of browser-hijacking malware Bing.vc. The company sells and offers for free …
USBFILTER: Packet-level firewall for blocking USB-based threats
The problem of planted malicious USB devices is compounded by the fact that, no matter what, users will rarely stop to think and ultimately choose not to insert them because …
Ransomware/RAT combo searches for solvent businesses
The latest version of the Shade ransomware comes with a stealthy remote access Trojan, likely used to better gauge the amount of money the criminals can demand from the …
How the EFF was pushed to rethink its Secure Messaging Scorecard
As good as the idea behind Electronic Frontier Foundation’s Secure Messaging Scorecard is, its initial version left much to be desired. The idea was to provide a …
Hundreds of millions of cars can be easily unlocked by attackers
Security researchers have come up with a way to unlock cars manufactured by vendors around the world, and are set to present their findings on Friday at the Usenix security …
Review: Cyber Guerilla
About the authors Jelle Van Haaster is an officer in the Royal Netherlands Army and has a background in legal, military, and technical defense matters. Rickey Gevers is …
Over 300 new cyber threats pop up on underground markets each week
Approximately 305 new cyber threats are added each week on cybercrime markets and forums, mostly located on the dark web. The threats include information on newly developed …
There’s a way to use encrypted data without knowing what it holds
Microsoft researchers have devised a way for third parties to make use the vast amount of encrypted data stored in the cloud by companies and individuals, without them …
Dota 2 Dev forum breached, nearly 2 million users affected
A hacker has breached the official Dota 2 Dev forum and made off with the entire forum database, which contains email addresses, usernames, IP addresses, and salted password …
Top-level cyber espionage group uncovered after years of stealthy attacks
Symantec and Kaspersky Lab researchers have uncovered another espionage group that is likely backed by a nation-state. The former have dubbed the threat actor Strider, wile …
Featured news
Resources
Don't miss
- HR, recruiters targeted in year-long malware campaign
- Attackers use AiTM phishing kit, typosquatted domains to hijack AWS accounts
- Airbus CSO on supply chain blind spots, space threats, and the limits of AI red-teaming
- The people behind cyber extortion are often in their forties
- Fake Claude Code install pages highlight rise of “InstallFix” attacks