Zeljka Zorz
Fake “Incoming Fax Report” emails lead to crypto-ransomware
Once again, fake “Incoming Fax Report” emails carrying malware are being sent out to random users. Given the popularity of online fax-sending services, there are …
Flaw in Hilton Honors website left all customer accounts wide open
The discovery of a vulnerability in the Hilton HHonors website that could lead to account hijacking and information theft has put a temporary stop to Hilton Hotels & …
New PoS malware family comes with keylogger component
A new piece of PoS scraper malware has been found and analyzed by researchers from Cisco’s Talos Security Intelligence and Research Group. Dubbed “PoSeidon,” …
Cisco Small Business IP phones vulnerable to eavesdropping
Cisco has confirmed the existence of a flaw affecting its Small Business SPA 300 and 500 series IP phones that can be exploited by attackers to listen to the audio stream of …
Scammers use Whatsapp calling feature as a lure
Survey scammers and adware peddlers continue to advantage of the interest Whatsapp users have in the quietly rolled out Free Voice Calling feature. According to …
WordPress plugin used by millions sports critical site-hijacking flaw
Another popular Yoast WordPress plugin has been found sporting a critical vulnerability that can be exploited by attackers to take over control of the site. A week ago it was …
Fake job seeker’s emails deliver ransomware and info-stealer
The latest Cryptowall-delivery campaign comes with an additional menace: the Fareit Trojan, which is designed to steal logins and passwords from compromised computers, …
Bank of America phishing attack hits customers
Phishers are once again targeting Bank of America customers, warns Malwarebytes’ Chris Boyd. He doesn’t say it, but it’s likely that the potential victims …
State-sponsored hackers target European, Israeli organizations
Rocket Kitten, the APT group of attackers that have been delivering spear-phishing emails with the Ghole malware to Israeli and European institutions late last year, have …
OpenSSL security update less critical than expected, still recommended
As announced on Monday, the OpenSSL project team has released new versions of the cryptographic library that fix a number of security issues. The announcement created a panic …
Polymorphic security warnings more effective than same, static ones
In the last year or so, we have witnessed Google becoming increasingly interested in providing effective warnings that would spur users into making good decisions regarding …
Pinterest swaps T-shirts for money rewards in bug bounty program
After having migrated their online properties to HTTPS and having sorted out the main problems that arose from the move, Pinterest is ready to pay researchers for information …
Featured news
Resources
Don't miss
- CERT-UA warns against “security audit” requests via AnyDesk
- Decentralization is happening everywhere, so why are crypto wallets “walled gardens”?
- AI-driven insights transform security preparedness and recovery
- NDR’s role in a modern cybersecurity stack
- How Russian hackers went after NGOs’ WhatsApp accounts