Zeljka Zorz
Why Google won’t be updating pre-KitKat WebKit anymore
Two weeks ago, Rapid 7 researchers discovered that Google will no longer be providing security patches for WebView used in pre-KitKat (v4.4) Android versions, meaning that …
APT gear: Custom Windows task hiding tool
Cyber attackers, especially persistent ones, use a variety of tools to break into target systems, assure their continuing presence in them and hide their actions, and …
What makes phishing emails so successful?
According to the results of a study performed by researchers from the University at Buffalo, “information-rich” emails that alter the recipients’ cognitive …
VPN services blocked by China’s Great Firewall
A number of popular VPN services are the latest target of China’s Great Firewall, including Astrill, StrongVPN and Golden Frog’s VyprVPN. Virtual Private Networks …
Police ransomware scam drives UK teen to suicide
For most people, a ransomware infection is not a huge tragedy: they pay the bogus fine (or not), and ultimately get their computer back either because the criminals unlock it …
Adobe updates Flash Player again, plugs 0-day exploited by Angler
Adobe made good on its promise to make available by this week a fix for the recently discovered critical zero-day Flash Player vulnerability (CVE-2015-0311) preyed on by the …
Google discloses three OS X 0-days
In the past few days, Google has released information about and proof-of-concept exploit code for three separate zero-day vulnerabilities affecting Apple’s OS X …
Journalist Barrett Brown sentenced to 63 months
Barrett Brown, the journalist that at one time claimed to be a spokesman for the hacktivist collective Anonymous, has been handed a 63-months-long prison sentence and has been …
Critical Flash Player hole plugged, another still unpatched and exploited
Adobe has released an out-of-band update for Flash Player, which fixes a security flaw (CVE-2015-0310) that could be used to circumvent memory randomization mitigations on the …
Click-fraud malware brings thousands of dollars to YouTube scammers
A malware delivery campaign aimed at making victims’ computers surreptitiously view YouTube videos and, consequently, artificially inflate their popularity so that …
HealthCare.gov sends out users’ personal info to ad companies
HealthCare.gov, the health insurance exchange website operated by the US government, is sending out personal health information about its users to at least 14 (and likely …
Angler exploit kit goes after new Adobe Flash 0-day flaw
An exploit for a still officially unconfirmed zero-day vulnerability in Adobe Flash Player has been added to the popular Angler exploit kit and is, along with exploits for …
Featured news
Resources
Don't miss
- Man vs. machine: Striking the perfect balance in threat intelligence
- Misconfig Mapper: Open-source tool to uncover security misconfigurations
- Why AI deployment requires a new level of governance
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests