Zeljka Zorz
Researcher proves how easy it is to pull off homographic phishing attacks
Security consultant Paul Moore has managed to register a domain that, at first glance, looks like that of UK-based Lloyds Bank, and get a valid TLS certificate for it from …
Major Xen update fixes over 20 vulns, including guest/host escape flaw
The newest version (v4.5.1) of popular hypervisor Xen was released last week, and includes a bucketload of improvements and bug-fixes, including nearly 20 security …
Hackers are exploiting Magento flaw to steal payment card info
Attackers are exploiting a vulnerability in eBay’s Magento platform to steal users’ billing information (including payment card info), warns Sucuri …
Update your Flash Player if you don’t want ransomware
“It didn’t take long for exploit kit authors to incorporate an exploit for the recently discovered zero-day Adobe Flash vulnerability (CVE-2015-3113) into their …
Researcher tests Tor exit nodes, finds not all operators can be trusted
While the Tor anonymity network conceals (relatively successfully) a user’s location and Internet activity from anyone who might want to know about it, users should be …
Vegan and BeEF clash shows how cyber arms race never stops
Cyber attackers and defenders are caught in a permanent to-and-fro dance, coming up with new solutions that break the last one created by their adversaries. An example of this …
Facebook slowly fine-tuning its popular ThreatExchange
Facebook’s ThreatExchange, which was unveiled this February, is apparently a hit with organizations, and they are vocal about the ways they believe it could be …
Cisco finds, removes more default SSH keys on its software
Cisco has pushed out security updates to address two vulnerabilities in its Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Content …
Expedia users targeted by phisher who gained access to their info
An unknown number of Expedia customers have been getting emails from the company, warning them about fraudulent emails or SMSes they might receive or might have already …
Samsung disables Windows Update, undermines the security of your devices
Another example of how vendors sometimes choose to improve usability to the detriment of user security has been recently discovered by security researcher and Microsoft MVP …
Why a Dyre infection leads to more than just stolen banking credentials
“The Dyre/Dyreza information-stealer has without a doubt filled the vacuum generated by the 2014 and 2015 law enforcement takedowns of botnet infrastructure of several …
Deadly Windows, Reader font bugs can lead to full system compromise
“Even in 2015 – the era of high-quality mitigations and security mechanisms – one good bug still suffices for a complete system compromise,” Mateusz …