Zeljka Zorz
Microsoft will stop trusting certificates from 20 Certificate Authorities
Starting on January 2016, Microsoft’s Trusted Root Certificate Program will no longer include twenty currently trusted CAs and will remove their root certificates …
Critical ScreenOS bugs allow undetectable decryption of VPN connections, device hijacking
Juniper Networks has discovered and patched a critical, high-impact vulnerability affecting ScreenOS on its NetScreen devices, and is advising customers to update their …
Washington state sues iYogi tech support firm for scamming users
Washington State Attorney General Bob Ferguson announced a lawsuit against one of the biggest independent tech support providers in the world, iYogi, and its President, Vishal …
Human error reduces security offered by encryption apps
Crypto phones – whether they are hardware devices or mobile apps – are a great way to assure that your VoIP communications remain private, but the security and …
Linux machines can be “owned” by hitting backspace 28 times
Taking over a Linux machine that has been locked with a password can be as easy as pressing the backspace key 28 times, two researchers from the Cyber Security Research Group …
XSS, SQLi bugs found in several Network Management Systems
Network Management System (NMS) offerings by Spiceworks, Ipswitch, Opsview and Castle Rock Computing have been found sporting several cross-site scripting and SQL injection …
Asian company is the newest APT threat
An unnamed South Asian software development consultancy that creates software for employee monitoring is also an APT player and, according to CloudSek CTO Rahul Sasi, it …
Critical RCE bug in FireEye’s security appliances exploitable via email
Last week, FireEye has silently pushed out a patch for an extremely easy-to-exploit remote code execution bug affecting its NX, EX, FX and AX Series security appliances in …
Comcast users hit with malvertising, malware and tech support scam all in one go
Another tech support scam / ransomware campaign combo has been launched at users, but this time the order of delivery is reversed. The intended victims are the customers of …
Critical Joomla RCE bug actively exploited, patch immediately!
An eight-year-old Joomla critical remote code execution vulnerability, which is being actively exploited in attacks in the wild, has been patched by the developers of the …
13 million MacKeeper users exposed in data breach
The company pushing MacKeeper, the security and utility software suite for Macs many consider to be scareware, has confirmed that the database containing passwords and …
Fake “account verification” email targeting Alibaba.com users
Businesses who use Alibaba.com to connect with Chinese manufacturers are being targeted in a recently discovered phishing campaign, Comodo warns. It takes the form of phishing …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility