Zeljka Zorz
Unpatched OS X, iOS flaws allow password, token theft from keychain, apps
Six researchers from Indiana University Bloomington, Peking University and Georgia Tech have recently published a paper in which they detail the existence of critical security …
Let’s Encrypt CA to issue its first cert
Let’s Encrypt, a non-profit certificate authority (CA) set up by the Electronic Frontier Foundation, Mozilla, Cisco, Akamai, IdenTrust, and researchers at the University …
Keyboard app bug puts millions of Samsung mobile users at risk, researcher claims
A vulnerability in the Swift keyboard, which comes pre-installed on Samsung mobile devices, can be exploited by remote attackers to secretly install malicious apps, access the …
Newly patched Flash Player bug exploited to deliver crypto ransomware
“It took less than a week for a functional exploit for a recently patched Adobe Flash Player vulnerability to be added to the Magnitude exploit kit, Trend Micro …
Google announces reward program for Android bugs
Google has announced that it will start paying researchers for information about vulnerabilities affecting Android.The Android Security Rewards are incremental. “For …
LastPass breached, hashed master passwords compromised
LastPass, the company behind the popular password management service of the same name, has announced on Monday that they have suffered a breach, and has urged users to verify …
Trojan uses steganography to hide itself in image files
“The Dell SecureWorks CTU research team has recently analyzed a piece of malware that uses digital steganography to hide part of its malicious code. Stegoloader, as they …
Stolen Foxconn certs used to sign malware used in Kaspersky Lab attack
“After last week’s revelation that their corporate network has been hit by APT actors wielding a newer version of the infamous, Stuxnet-related Duqu attack …
Emojis instead of PIN codes as an alternative for forgetful users
For years now companies have been trying to come up with alternatives to passwords and passcodes that will be easier to remember (for users) and more difficult to guess or …
Rethinking security: Securing activities instead of computers
For many people involved in the infosecurity community, the notion of security is too often tied to the quality of code (resistance to specific classes of bug, for example) …
OPM hack: Vast amounts of extremely sensitive data stolen
The extent of the breach suffered by the US Office of Personnel Management has apparently widened. Reports are coming in that the hackers have not only accessed Social …
Microsoft flags Ask toolbar as unwanted and dangerous
From this month on, all versions of Ask.com’s infamous browser toolbar except the very last will be detected as unwanted software by Microsoft security products and …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility