Zeljka Zorz
D-Link’s failed patch for DIR-890L router adds a new hole
Prolific hacker Craig Heffner, who has a particular interest in hacking embedded devices, has recently documented the existence of a command injection bug in the firmware of …
HSBC Finance Corporation confirms data breach
A breach notification letter sent to the New Hampshire Attorney General’s Office by the HSBC Finance Corporation has revealed that sensitive mortgage information of …
Cisco splats router bug that can lead to persistent DoS
Cisco has patched a vulnerability that affects Cisco ASR 9000 Series Aggregation Services Routers and can be exploited by a remote, unauthenticated attacker to effectively …
Dropbox launches bug bounty, will also pay for previously reported bugs
Dropbox is the latest company to officially announce a bug bounty program set up through the HackerOne platform. While the program has been up and running for several months …
TeslaCrypt ransomware pushed by several exploit kits
TeslaCrypt is one of the newest additions to the ransomware category of malware, and is being pushed out to users left and right. Aside from the usual assortment of file types …
Attorney claims cops planted spying malware on drive containing evidence
Police force using malware in investigation is not an unheard-of situation but, according to an affidavit filed in a whistle-blower case against the Fort Smith Police …
Google blocks Java plugin in new Chrome by default
Google has released Chrome 42 to the stable channel, and among the changes announced is one that will automatically block Oracle’s Java plugin and other plugins that use …
Adobe fixes Flash Player zero-day exploited in the wild
Adobe released a new version of Flash Player (17.0.0.169) for Windows and Macintosh, and for Linux (11.2.202.457). These security updates fix a host of critical …
Misconfigured DNS servers may leak domain info, warns US-CERT
US-CERT is urging administrators of Domain Name System servers to check whether their machines are misconfigured to respond to global Asynchronous Transfer Full Range (AXFR) …
Former lottery infosec head accused of hacking computers to buy winning ticket
The former head of information security at the Multi-State Lottery Association (MUSL), who was arrested in January 2015, stands accused of having tampered with the computer …
18-year-old bug can be exploited to steal credentials of Windows users
A new technique for exploiting an 18-year-old bug in Windows Server Message Block (SMB), which would allow attackers to intercept user credentials, had been uncovered by …
Main sources of data breaches: Phishing, RAM scrapers, web app insecurity
US telecom giant Verizon has published its 2015 Data Breach Investigations Report, which is based on an analysis of nearly 80,000 security incidents, including more than 2,100 …
Featured news
Sponsored
Don't miss
- The effect of compliance requirements on vulnerability management strategies
- Modernizing incident response in the AI era
- Why cybersecurity leaders trust the MITRE ATT&CK Evaluations
- How the role of observability is changing within organizations
- Cybercriminals used a gaming engine to create undetectable malware loader