Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

Zeljka Zorz

tumblr
65 million Tumblr users’ email addresses, passwords sold on dark web

Email addresses and hashed and salted passwords of 65 million Tumblr users are being sold online by “peace_of_mind,” aka “Peace”, the individual that …

industry
ICS-CERT warns about vulnerable SCADA system that can’t be updated

A web-based SCADA system deployed mainly in the US energy sector sports vulnerabilities that may allow attackers to perform configuration changes and administrative operations …

https
Faulty TLS implementation opens VISA sites, users to attack

A group of researchers has discovered 184 HTTPS servers that are wide open to attackers looking to inject seemingly valid content into encrypted sessions. Some of these …

skull
ZCryptor ransomware spreads via removable drives

The newly spotted ZCryptor ransomware has also the ability to spread like a worm, Microsoft warns. Once it infects a system, it also copies itself on removable drives, in the …

fire
DNS provider NS1 hit with multi-faceted DDoS attacks

Early last week, DNS and traffic management provider NS1 was hit with a series of DDoS attacks that lasted several days, and managed to impact DNS delivery in the European, …

password
Microsoft bans common passwords

If you’re using the Microsoft Account service to sign into the various services offered by the company, and you tried to set up a too commonly used password, you have …

European flag
Europe’s digital competitiveness depends on free data flow

The European Commission today tabled a package of measures to allow consumers and companies to buy and sell products and services online more easily and confidently across the …

WhatsApp
WhatsApp Gold doesn’t exist, it’s a scam that spreads malware

WhatsApp users are once again targeted by malware peddlers, via messages that offer WhatsApp Gold, supposedly an enhanced version of the popular messaging app previously used …

Who’s tracking you online, and how?

Armed with a tool that mimics a consumer browser but is actually bent on discovering all the ways websites are tracking visitors, Princeton University researchers have …

KeySweeper
FBI warns about keyloggers disguised as USB device chargers

A private industry notification issued by the FBI in late April may indicate that keyloggers disguised as USB device chargers have been fund being used in the wild. The …

DMA Locker 4.0
DMA Locker ransomware ready for mass distribution

According to Malwarebytes’ researcher Hasherezade, we’re in for a lot of pain once the new and improved DMA Locker ransomware starts doing the rounds. Its first …

Bug
WPAD name collision bug opens door for MitM attackers

A vulnerability in Web Proxy Auto-Discovery (WPAD), a protocol used to ensure all systems in an organization utilize the same web proxy configuration, can be exploited to …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools