Zeljka Zorz
Attackers shellshock, take over devices running on BusyBox
ShellShock, the remote code execution bug (CVE-2014-6271) affecting GNU Bash, the command interpreter present on many Unix systems and Linux distributions, is still being …
US State Department targeted by hackers
Around the same time the unclassified network of the Executive Office of the US President was breached, the same thing happened to some computer systems belonging to the US …
Malicious Tor exit node is run by MiniDuke APT actors
The malicious Tor exit node located in Russia that added malicious code to the software downloaded by users has been tied to the APT actors wielding the MiniDuke backdoor. …
Default ATM passcodes still exploited by crooks
Once again, ATMs have been “hacked” by individuals taking advantage of default, factory-set passcodes. This time the passcode hasn’t been guessed, or ended …
Mobile Pwn2Own 2014: Windows Phone’s sandbox resists attack
The Mobile Pwn2Own 2014 hacking competition, held at the PacSec Applied Security Conference in Tokyo, Japan, was concluded on Thursday, and not one of the targeted phones has …
Facebook updates terms and policies, introduces interactive privacy guides
Facebook continues with its plan to make the social network’s privacy settings easier to understand, and has introduced Privacy Basics. Private Basics is a page where …
Americans’ privacy behaviors and attitudes in the post-Snowden era
Most Americans are aware of and worried about government efforts to monitor communications and access their data but, interestingly enough, they still look to the government …
ISPs are removing encryption from customers’ emails
A number of ISPs in the US and Thailand have recently been spotted actively removing encryption from their customers’ data sent to email servers, the Electronic Frontier …
Latest Microsoft patches crucial for all Windows users
Microsoft has closed a great many flaws, including a 0-day abused by the Sandworm team, in November’s Patch Tuesday. But there is another vulnerability that you should …
SAP finally patches critical, remotely exploitable bugs in GRC solution
More than a year and a half after they have been reported to SAP AG, the company has issued a patch for a number of critical exploitable security vulnerabilities in its …
German spy agency wants to buy and use 0-day bugs
The Bundesnachrichtendienst (BND) – Germany’s Federal Intelligence Service – has asked a parliamentary oversight committee for big money to buy …
Personal info of 800,000 USPS employees compromised in breach
The US Postal Service has joined the ranks of private sector companies and governmental agencies that have been breached and had data stolen by hackers. According a statement …
Featured news
Resources
Don't miss
- PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159)
- Account takeover detection: There’s no single tell
- Man vs. machine: Striking the perfect balance in threat intelligence
- Misconfig Mapper: Open-source tool to uncover security misconfigurations
- Why AI deployment requires a new level of governance