Zeljka Zorz
How Europol analyzes malware
In the wake of the takedown of a major cybercriminal group wielding banking Trojans in Ukraine in June this year, Europol noted that it “provided crucial support to the …
Belkin’s N150 router sports multiple flaws, including default access credentials for telnet server
Belkin’s SOHO routers are not exactly a paragon of a secure device, so it shouldn’t come as a surprise that, once again, a security researcher has unearthed a …
Windows machines stop trusting Dell’s two unconstrained root CA certs
Microsoft has updated the Certificate Trust list for all supported releases of Microsoft Windows so that the two digital certificates (complete with inadvertently disclosed …
Hacktivists and cyber extortionists hit Greek, Russian, UAE banks
A number of “regular” and central banks across Europe, Russia and Asia have been targeted by cyber attackers.Last week, in the wake of Turkey downing a Russian …
VTech data breach gets worse: Children’s pictures and chat logs were also compromised
The hacker who breached VTech’s customer database and shared with the world the fact that the exploit was so easy anyone could do it (SQL injection), has found …
VPN protocol flaw allows attackers to discover users’ true IP address
The team running the Perfect Privacy VPN service has discovered a serious vulnerability that affects all VPN providers that offer port forwarding, and which can be exploited …
Spyware/adware combo masquerading as AnonyPlayer hits Android users
If you suddenly start seeing random advertisements popping up on your Android device, you have likely been infected with adware. But if you’re terribly unlucky, you …
Abysmal security practices by toy maker VTech result in massive data breach
Hong Kong-based electronic toy maker VTech has suffered a massive breach. The target was the Learning Lodge app store, from which registered users can download games, music, …
More than 900 embedded devices share hard-coded certs, SSH host keys
Embedded devices of some 50 manufacturers has been found sharing the same hard-coded X.509 certificates (for HTTPS) and SSH host keys, a fact that can be exploited by a …
MagSpoof: A device that spoofs credit cards, disables chip-and-PIN protection
Hacker and security researcher Samy Kamkar, who’s noted for being the author of the first Web 2.0 worm, creating zombie cookies, and USBdriveby, has now come out with a …
Amazon resets customers’ potentially compromised passwords
Has Amazon suffered a breach? We won’t know for sure until the company offers more information.So far, we known only what users affected by the data theft/leak incident …
Another root CA cert with key found on Dell’s machines
The main piece of news on Monday was that Dell’s desktop PCs and laptops shipped since August 2015 contain a root CA certificate (eDellRoot) complete with the private …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility