Zeljka Zorz
SSH backdoor found in more Fortinet devices, exploit attempts spotted in the wild
In case you missed it, Fortinet announced last week that the recently discovered FortiOS SSH backdoor – or, as they call it, “a management authentication …
Magento plugs XSS holes that can lead to e-store hijacking, patch immediately!
Last week, Magento released a very important bundle of patches for their eponymous e-commerce platform that should be implemented as soon as possible. The bundle plugs a …
“Deliberately hidden” backdoor found on US government’s comms system
Researchers from Austrian infosec outfit SEC Consult have unearthed what they dubbed a “deliberately hidden backdoor account” in NX-1200, a network controller …
Unknown attackers are infecting home routers via dating sites
Damballa researchers have spotted an active campaign aimed at infecting as many home routers possible with a worm. A variant of the TheMoon worm, it works by taking advantage …
Cyber fraudsters steal over $50 million from airplane systems manufacturer
Austrian company FACC, which develops and produces components and systems made of composite materials for aircraft and aircraft engine manufacturers such as Boeing and Airbus, …
Fake Facebook emails deliver malware masquerading as audio message
A new spam campaign is targeting Facebook users. It uses the same approach as the recent one aimed at WhatsApp users, and Comodo researchers believe that the authors of both …
Old, unpatched flaws exploited to achieve control of Windows systems, networks
Foxglove Security researcher Stephen Breen has demonstrated that you don’t need to exploit a 0-day or even a recently discovered vulnerability to gain the highest level …
Authorized Symantec reseller scams users into buying security software
Malwarebytes researchers have discovered a new tech support scam that, unlike most, is being perpetrated by an active member of the Symantec Partner Program. Users are being …
0-day in Linux kernel endangers Linux servers, Android devices
A serious and pretty longstanding flaw in the Linux kernel has been recently discovered by researchers from infosec outfit Perception Point. The vulnerability (CVE-2016-0728) …
Apple kills 28 flaws in OS X, iOS and QuickTime
If you use Apple’s OS X El Capitan, iOS and QuickTime on any of your computers and devices, you might want to implement the latest updates pushed out on Tuesday. OS X El …
Intel patches MiTM flaw in its Driver Update Utility
Intel has fixed a remotely exploitable vulnerability (CVE-2016-1493) in the Intel Driver Update Utility which could be used by a man-in-the-middle attacker to corrupt …
New Linux Trojan performs system reconnaissance
A new Linux threat has been identified by Dr. Web researchers. Dubbed Linux.Ekoms.1, this Trojan’s apparent function is to discover details about the system it has …
Featured news
Resources
Don't miss
- What 35 years of privacy law say about the state of data protection
- 40 open-source tools redefining how security teams secure the stack
- Password habits are changing, and the data shows how far we’ve come
- Product showcase: Tuta – secure, encrypted, private email
- Henkel CISO on the messy truth of monitoring factories built across decades