Zeljka Zorz
D-Link routers vulnerable to DNS hijacking
At least one and likely more D-Link routers as well as those of other manufacturers using the same firmware are vulnerable to remote changing of DNS settings and, effectively, …
Swiss users inundated with malware-laden spam
Swiss users are being heavily targeted by a number of spam campaigns delivering the Tiny Banker (TinBa or Busy) e-banking Trojan. Starting with Tuesday, the spammy emails seem …
Critical BlackPhone bug allows attackers to spy on users
BlackPhone, a mobile phone aimed at users who want to keep their communications secure from mass surveillance attempts, is affected by a critical security vulnerability that …
New OS X Yosemite version fixes critical security issues, including Thunderstrike
Apple has released the latest version of OS X Yosemite (v10.10.2) and the first security update (2015-001) for this year, and among the problems fixed is one affecting the CPU …
Hijacking drones with malware
A recent incident at the White House showed that small aerial vehicles (drones) present a specific security problem. While in this particular case the actual danger turned out …
Evidence shows Regin spy malware is used by Five Eyes intelligence
Kaspersky Lab researchers who have recently analyzed a copy of the malicious QWERTY module have discovered that the malware is identical in functionality to a Regin malware …
Why Google won’t be updating pre-KitKat WebKit anymore
Two weeks ago, Rapid 7 researchers discovered that Google will no longer be providing security patches for WebView used in pre-KitKat (v4.4) Android versions, meaning that …
APT gear: Custom Windows task hiding tool
Cyber attackers, especially persistent ones, use a variety of tools to break into target systems, assure their continuing presence in them and hide their actions, and …
What makes phishing emails so successful?
According to the results of a study performed by researchers from the University at Buffalo, “information-rich” emails that alter the recipients’ cognitive …
VPN services blocked by China’s Great Firewall
A number of popular VPN services are the latest target of China’s Great Firewall, including Astrill, StrongVPN and Golden Frog’s VyprVPN. Virtual Private Networks …
Police ransomware scam drives UK teen to suicide
For most people, a ransomware infection is not a huge tragedy: they pay the bogus fine (or not), and ultimately get their computer back either because the criminals unlock it …
Adobe updates Flash Player again, plugs 0-day exploited by Angler
Adobe made good on its promise to make available by this week a fix for the recently discovered critical zero-day Flash Player vulnerability (CVE-2015-0311) preyed on by the …
Featured news
Resources
Don't miss
- Why we must go beyond tooling and CVEs to illuminate security blind spots
- Making security and development co-owners of DevSecOps
- Review: Passwork 7.0, self-hosted password manager for business
- What a mature OT security program looks like in practice
- Machine unlearning gets a practical privacy upgrade