Zeljka Zorz
Upatre malware gets full SSL comms encryption
“The extremely popular Upatre Trojan downloader has undergone considerable changes that will make it and its communication more difficult to spot and block. The changes …
Attackers actively downing Microsoft’s IIS web servers
Attackers are actively exploiting a DoS vulnerability (CVE-2015-1635) affecting Microsoft’s Internet Information Services (IIS) extensible web server, SANS ISC CTO …
GitHub issues transparency report
GitHub has released its first ever transparency report. Of the 10 subpoenas for user data, GitHub has disclosed information in 7 of them, and has informed affected users about …
Exploit for crashing Minecraft servers made public
After nearly two years of waiting for Mojang to fix a security vulnerability that can be used to crash Minecraft servers, programmer Ammar Askar has released a proof of …
Pawn Storm cyberspies still at work, target NATO and the White House
Pawn Storm, the long-standing economic and political cyber-espionage operation that has been first detailed in October 2014, continues unabated. Aiming to compromise the …
D-Link’s failed patch for DIR-890L router adds a new hole
Prolific hacker Craig Heffner, who has a particular interest in hacking embedded devices, has recently documented the existence of a command injection bug in the firmware of …
HSBC Finance Corporation confirms data breach
A breach notification letter sent to the New Hampshire Attorney General’s Office by the HSBC Finance Corporation has revealed that sensitive mortgage information of …
Cisco splats router bug that can lead to persistent DoS
Cisco has patched a vulnerability that affects Cisco ASR 9000 Series Aggregation Services Routers and can be exploited by a remote, unauthenticated attacker to effectively …
Dropbox launches bug bounty, will also pay for previously reported bugs
Dropbox is the latest company to officially announce a bug bounty program set up through the HackerOne platform. While the program has been up and running for several months …
TeslaCrypt ransomware pushed by several exploit kits
TeslaCrypt is one of the newest additions to the ransomware category of malware, and is being pushed out to users left and right. Aside from the usual assortment of file types …
Attorney claims cops planted spying malware on drive containing evidence
Police force using malware in investigation is not an unheard-of situation but, according to an affidavit filed in a whistle-blower case against the Fort Smith Police …
Google blocks Java plugin in new Chrome by default
Google has released Chrome 42 to the stable channel, and among the changes announced is one that will automatically block Oracle’s Java plugin and other plugins that use …
Featured news
Resources
Don't miss
- CERT-UA warns against “security audit” requests via AnyDesk
- Decentralization is happening everywhere, so why are crypto wallets “walled gardens”?
- AI-driven insights transform security preparedness and recovery
- NDR’s role in a modern cybersecurity stack
- How Russian hackers went after NGOs’ WhatsApp accounts