Zeljka Zorz
Antiquated environment and bad security practices aided OPM hackers
By now, you’ve all heard about the massive breach at the US Office of Personnel Management’s (OPM), and that the attackers have accessed (and likely made off with) …
MalumPoS can be customized to target different systems
“A new Point-of-Sale RAM scraper is being offered for sale, and is currently designed to collect data from a very specific type of PoS systems: those running on Oracle …
Personal info of 4 million US government workers compromised in OPM breach
Approximately 4 million US federal employees, both current and former, will start receiving a breach notification alerting them that their personal information has potentially …
Discovering connections between attackers
In the last few years, Pedram Hayati, founder of Australian IT company Security Dimension, has been developing a custom honeypot intelligence system called Smart Honeypot. …
Microsoft will add SSH support to PowerShell
Third time’s the charm for Microsoft’s PowerShell team, as they will – after two previous attempts unsuccessful due to leadership and culture – finally …
Dyre banking Trojan infections more than doubled
“Cybercriminal interest in online banking continues to grow, and crooks wielding the Dyre/Dyreza banking Trojan continue spewing out spam emails delivering a new variant …
How to raise users’ expectations about security and privacy?
Users do not seem to care much about privacy and security. When buying a new smartphone, for example, they rarely ask about security updates and how long the device will be …
USA Freedom Act is just the beginning of the fight for privacy
The US Senate voted for the passing of the USA Freedom Act on Tuesday, and President Obama signed it into law later the same day. So, how will this impact the surveillance …
SourceForge hijacks popular accounts to distribute 3rd-party software
Online source code repository SourceForge has apparently started taking over inactive accounts for popular software, and adding bundle-ware installers to the software …
Weak SSH keys opened many GitHub repositories to compromise
Github repositories of many entities, projects, and even one government could have been compromised and used to deliver malicious code due to the owners’ use of easily …
Bug hunting without much tech knowledge or many tools
Bas Venis has been programming since he was 14 years old. After gaining some experience as a web developer, this 18-year-old self-taught security researcher got into IT …
Employee credentials of half of European top 500 firms exposed online
Cyber attacks and data breaches very often start with phishing or spear-phishing. Access to good credentials is key – whether it’s for straight emailing or direct …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility