Zeljka Zorz
Code Red: A global initiative for fighting government surveillance
Well known and widely respected privacy expert and advocate Simon Davies has announced the creation of a new global initiative that’s aimed at supporting the world-wide …
Tor exit node found patching downloaded binaries with malware
A researcher has spotted a Tor exit node located in Russia which instead of delivering the software requested by users untouched, was adding malicious code to the binaries in …
How Facebook prevents account hijacking when old email addresses are recycled
Remember when last summer Yahoo announced they will recycle inactive accounts and offer them to other users? The scheme was more or less successful. Some measures that Yahoo …
Widespread malvertising campaign targets high-profile sites, delivers ransomware
A newer version of the Cryptowall ransomware has been delivered to unsuspecting Internet users via malicious ads shown on a considerable number of high-profile websites, …
Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics
In a recently released whitepaper, Trend Micro researchers have shared many details about a long-standing economic and political cyber-espionage operation they dubbed Pawn …
Attackers bypass Sandworm patch with new 0-day
The Sandworm vulnerability has been patched, but unfortunately attackers have discovered a way to bypass the patch and continue with their targeted attacks. “As with …
Two exploit kits prey on Flash Player flaw patched only last week
Two exploit kits have been outfitted with the exploit for a Flash Player vulnerability that has been patched only a week ago, the researcher that goes by the handle Kafeine …
Apple warns about organized network attacks against iCloud users
In the wake of the claims that the Chinese authorities have mounted a MITM attack against iCloud and Microsoft account holders by redirecting them to spoofed login pages, …
Windows 0-day exploited in ongoing attacks, temporary workarounds offered
Microsoft is warning users about a new Windows zero-day vulnerability that is being actively exploited in the wild and is primarily a risk to users on servers and workstations …
Attackers change home routers’ DNS settings via malicious code injected in ads
Sucuri Security researchers have unearthed a malvertising campaign aimed at changing the DNS settings of home routers in order to lead users questionable and potentially …
Malware directs stolen documents to Google Drive
Researchers have uncovered a new type of information-stealing malware that is apparently used in campaigns targeting government agencies and can syphon files from compromised …
2FA: Google offers physical alternative to verification codes
Google is offering an alternative second factor for its two-step account verification option, one that has the additional advantage of thwarting phishing attacks. It’s …
Featured news
Resources
Don't miss
- PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159)
- Account takeover detection: There’s no single tell
- Man vs. machine: Striking the perfect balance in threat intelligence
- Misconfig Mapper: Open-source tool to uncover security misconfigurations
- Why AI deployment requires a new level of governance