Zeljka Zorz
US, UK spies reverse-engineered security software in search for flaws
The UK GCHQ has been actively trying to reverse-engineer popular security software in order to find vulnerabilities that can be used to neutralize the protection the software …
HP releases exploit code for IE zero-day that Microsoft won’t patch
Despite having paid $125,000 for information about an Address Space Layout Randomisation (ASLR) vulnerability affecting Internet Explorer, Microsoft has decided against …
Critical RubyGems vulns can lead to installation of malicious apps
A serious vulnerability in RubyGems, a package manager for the Ruby programming language, can be exploited to trick end users into installing malware from attacker-controlled …
OPM hack shines light on abysmal state of US federal systems’ security
With each passing day, newly revealed details about the US Office of Personnel Management (OPM) hack show an ugly picture of the security situation in the OPM, and other US …
How to find a free, secure proxy service?
There are several reasons one might want to use web proxy services, and depending on that reason, it might not be a very good idea to choose a free one randomly. Vienna-based …
Cyber attack grounds Polish LOT aeroplanes
Around 1,400 unlucky travelers who were set to depart from Warsaw’s Frederic Chopin Airport on Sunday had their flights cancelled or delayed for hours, as the computer …
New password recovery scam hitting Gmail, Outlook and Yahoo Mail users
A simple yet ingenious scam is being used by scammers to compromise accounts of Gmail, Outlook and Yahoo Mail users, Symantec researcher Slawomir Grzonkowski warns. “To …
Many popular Android apps fail to encrypt login credentials
Using encryption to protect mobile traffic and especially the exchange of credentials between the user and company servers should be a must in this day and age. Unfortunately, …
New Drupal versions fix admin account hijack flaw
New versions of popular open source content management system Drupal are out, and fix a series of vulnerabilities, including a critical one that can result in an attacker …
Microsoft’s anti-surveillance website was hacked
Digital Constitution – a dedicated website Microsoft set up to keep users informed of its efforts to counter US government’s attempts to access customer emails the …
Why LinkedIn chose to keep its bug bounty program private
Bug bounty programs have become de rigueur for tech and Internet companies that want to improve the security of their products by (partly) outsourcing bug discovery. But while …
Reddit announces switch to HTTPS-only
With a short note posted on the site’s developers subreddit, reddit – the so-called “front page of the internet” – has announced that starting with …