Zeljka Zorz
Over 5,000 mobile apps found performing in-app ad fraud
Of the $20 billion projected to be spent by advertisers on mobile advertising in 2015, $1 billion will effectively be lost due to in-app ad fraud, warns ad fraud detection and …
Deplorable Steam security flaw exploited to hijack prominent accounts
A huge gaping hole that allowed attackers to hijack Steam accounts has been discovered, exploited last week, and finally closed by Valve Corp. this weekend.The attackers …
OpenSSH bug enables attackers to brute-force their way into poorly configured servers
A vulnerability in the popular secure remote access software OpenSSH can be exploited by attackers to try to brute-force their way into the connection and access …
Bug in OS X Yosemite allows attackers to gain root access
Security researcher Stefan Esser has revealed the existence of a privilege escalation vulnerability affecting OS X 10.10 (Yosemite), and has provided a working proof of …
How experts stay safe online and what non-experts can learn from them
Google researchers have asked 231 security experts and 294 web-users who aren’t security experts about their security best practices, and the list of top ones for each group …
Google helps Adobe improve Flash security
Adobe has been dealt a heavy blow after the Hacking Team data dump produced three Flash Player zero-day exploits and they begun being exploited in the wild.While Adobe was …
600TB of data exposed due to misconfigured MongoDB instances
Shodan, the search engine that lets users find devices connected to the Internet, can be used for a number of different things. As its creator, John Matherly, pointed out, …
Hacking Team’s RCS Android: The most sophisticated Android malware ever exposed
“As each day passes and researchers find more and more source code in the huge Hacking Team data dump, it becomes more clear what the company’s customers could do …
Proposed Wassenaar pact changes will harm cyber defenders instead of attackers
The comment period for the proposed amendments to the Wassenaar Arrangement regarding “cybersecurity items” has ended, and the overwhelming majority of the 150+ …
Microsoft plugs another Windows zero-day with emergency patch
Microsoft has released an emergency update that plugs a critical zero-day vulnerability (CVE-2015-2426) that affects all supported versions of Windows and could allow …
Free tools for detecting Hacking Team malware in your systems
“Worried that you might have been targeted with Hacking Team spyware, but don’t know how to find out for sure? IT security firm Rook Security has released Milano, …
Hackers hit UCLA Health, access medical files of 4.5 million patients
UCLA Health, the administrative structure which governs the University of California, Los Angeles (UCLA) hospitals, has suffered a data breach, and personal and medical …
Featured news
Resources
Don't miss
- Balancing usability and security in the fight against identity-based attacks
- MSSqlPwner: Open-source tool for pentesting MSSQL servers
- Critical SimpleHelp vulnerabilities fixed, update your server instances!
- Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them?
- New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344)