Zeljka Zorz
70 bad exit nodes used in attack against Tor-based SIGAINT
Darknet email service SIGAINT, which aims to provide email privacy to journalists, has been targeted by unknown attackers using at least 70 bad exit nodes, the service’s …
100,000 web shops open to compromise as attackers exploit Magento bug
A critical vulnerability found in Magento, the most popular content management system for e-commerce sites, is being exploited by hackers to get their hands on users’ …
Latest trends in the ransomware business
“Cybercrooks wielding ransomware might prefer getting paid in Bitcoin, but the crypto currency is just a way to obfuscate the real destination of the payment – as …
WordPress issues critical security release
WordPress users should update as soon as possible, as the latest release (4.1.2) plugs a critical cross-site scripting vulnerability that could allow anonymous users to …
Microsoft announces bug bounties for Spartan, Azure
As the official launch of Windows 10 approaches, Microsoft has launched a new bug bounty related to its Technical Preview version, and is asking bug hunters to analyze its new …
Hacktivists are targeting law enforcement personnel, warns FBI
The FBI has issued an alert for law enforcement personnel and public officials, warning them that they may be targeted by hacktivists.“Hacking collectives are effective …
Popular WordPress plugins vulnerable to XSS
At least 17 WordPress plugins – and likely even more of them – have been found vulnerable to cross-site scripting (XSS) flaws that could allow attackers to inject …
1,500 iOS apps sport flaw that allows interception of sensitive user data
A bug in an older version of AFNetworking, an open source library widely used for adding networking capabilities to iOS and OS X apps, can allow attackers to intercept and …
Apple’s fix didn’t close Rootpipe backdoor
When TrueSec researcher Emil Kvarnhammar discovered a privilege escalation bug affecting OS X that could allow attackers to gain complete control of the target’s Mac …
New fileless malware found in the wild
“Since the discovery of the Poweliks fileless Trojan in August 2014, researchers have been expecting other similar malware to pop up. The wait over: Phasebot malware, …
Valve tries to curb Steam scam accounts with new rule
Gaming corporation Valve is trying to make spammers’ and phishers’ lives more difficult and, consequently, their own users’ gaming experience more pleasant …
Upatre malware gets full SSL comms encryption
“The extremely popular Upatre Trojan downloader has undergone considerable changes that will make it and its communication more difficult to spot and block. The changes …
Featured news
Sponsored
Don't miss
- Microsoft releases tool to speed up recovery of systems borked by CrowdStrike update
- Cross-industry standards for data provenance in AI
- Shuffle Automation: Open-source security automation platform
- Cyber insurance 2.0: The systemic changes required for future security
- Update: Worldwide IT outage due to buggy Crowdstrike sensor configuration update