Zeljka Zorz
Banking Trojan delivered to companies via macro-based malware
“Cybercriminals continue targeting enterprises with malicious emails whose ultimate goal is to infect company computers with the Dyre/Dyreza banking malware. But instead …
WordPress vulnerable to yet another, still to be patched XSS flaw
The latest WordPress version (4.2, released on Thursday) and several earlier ones are vulnerable to a stored cross-site scripting (XSS) vulnerability that can be exploited to …
Successful POS attacks are the result of poor security, researchers find
Most data breaches involving payment card information – and there have been too many in the last two years – can be traced back to a lack of implementation of …
How Google saw the DDoS attack against Github and GreatFire
The recent DDoS attacks aimed at GreatFire, a website that exposes China’s internet censorship efforts and helps users get access to their mirror-sites, and GitHub, the …
German intelligence agency helped NSA spy on EU companies
Germany’s Federal Intelligence Service (BND) has been aiding the US NSA spy on European companies and politicians since 2008, possibly even earlier, Der Spiegel claims …
70 bad exit nodes used in attack against Tor-based SIGAINT
Darknet email service SIGAINT, which aims to provide email privacy to journalists, has been targeted by unknown attackers using at least 70 bad exit nodes, the service’s …
100,000 web shops open to compromise as attackers exploit Magento bug
A critical vulnerability found in Magento, the most popular content management system for e-commerce sites, is being exploited by hackers to get their hands on users’ …
Latest trends in the ransomware business
“Cybercrooks wielding ransomware might prefer getting paid in Bitcoin, but the crypto currency is just a way to obfuscate the real destination of the payment – as …
WordPress issues critical security release
WordPress users should update as soon as possible, as the latest release (4.1.2) plugs a critical cross-site scripting vulnerability that could allow anonymous users to …
Microsoft announces bug bounties for Spartan, Azure
As the official launch of Windows 10 approaches, Microsoft has launched a new bug bounty related to its Technical Preview version, and is asking bug hunters to analyze its new …
Hacktivists are targeting law enforcement personnel, warns FBI
The FBI has issued an alert for law enforcement personnel and public officials, warning them that they may be targeted by hacktivists.“Hacking collectives are effective …
Popular WordPress plugins vulnerable to XSS
At least 17 WordPress plugins – and likely even more of them – have been found vulnerable to cross-site scripting (XSS) flaws that could allow attackers to inject …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility