Zeljka Zorz
The C99Shell PHP backdoor lives on
The C99Shell PHP backdoor, originally spotted in 2007, is still around, and is still a danger to both web server operators and end-users. After getting a tip from a designer …
Fake “Flash Player Pro” update delivers password-stealing Trojan
Researchers are warning about a new malware delivery campaign aimed at spreading Fareit, a password-stealing Trojan that can also download additional malware. This campaign is …
Adobe launches bug disclosure program, skimps on bounties
Adobe has launched its own web application vulnerability disclosure program. Set up through the bug bounty platform HackerOne, the program is limited to vulnerabilities …
NLPRank: An innovative tool for blocking APT malicious domains
Security researchers working at OpenDNS’ Security Labs have developed NLPRank, a new system that helps detect – quickly and relatively accurately – phishing …
Anthem refuses comprehensive IT security audit after the breach
Recently breached US health insurer Anthem has refused to let The Office of Personnel Management’s Office of Inspector General (OIG) perform a full security audit of its …
Angler exploit kit and domain shadowing: A deadly combination
Attackers wielding the infamous Angler exploit kit are increasingly using hijacked registrant accounts to create huge amounts of subdomains for both redirecting victims and …
Mandarin Oriental suffers credit card breach
Mandarin Oriental, the hotel group managing luxury hotels and resorts in Asia, Europe, the US and Latin America, has confirmed that “the credit card systems in an …
Fake guides and cracked apps on Google Play Books lead to malware
Google has become pretty swift at finding and removing fake and malicious apps from its Google Play store, but there is one part of it where malware peddlers still seem to …
Banking Trojans target nearly 1,500 financial institutions
Nine of the most common and sophisticated financial Trojans in use are targeting 1,467 financial institutions in 86 countries, says a Symantec report compiled after the …
New PoS malware family discovered
A new family of PoS malware has been discovered and analyzed by Trend Micro researchers. They dubbed it PwnPOS, and believe that it has been in used since 2013, possibly even …
US air traffic control system is riddled with vulnerabilities
A recently released report by the US Government Accountability Office has revealed that despite some improvements, the Federal Aviation Administration (FAA) still needs to …
Beware of spyware concealed inside games
Monitoring tools can be used for legitimate and malicious purposes. The first category includes parental control and employee monitoring software, the second one screenshot …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility