Zeljka Zorz
Targeted Cyber Attacks
Targeted cyber attacks against individuals, organizations, businesses, groups, and critical services happen every day around the globe. This book aims to tell you how …
Microsoft releases EMET 5.0
Microsoft has released version 5.0 of its Enhanced Mitigation Experience Toolkit (EMET), a free utility that uses a number of security mitigation techniques to prevent the …
Malicious USB device firmware the next big infection vector?
Researchers from German security consultancy SR Labs have created a whole new class of attacks that can compromise computer systems via ubiquitous and widely used …
Security contest rewards builders of secure systems
More often than not, computer security competitions come in the form of Capture The Flag (CTF) contests, and the emphasis is on breaking systems. This approach helps defenders …
BitTorrent’s decentralized chat app keeps content, metadata safe
BitTorrent, the company that develops the eponymous peer-to-peer protocol and two popular clients that use it, has announced the release of Bleep, an online communication …
0-days found in Symantec Endpoint Protection
While testing of the systems and networks of a financial services company, a team of penetration testers from Offensive Security have unearthed a number of vulnerabilities, …
IoT devices are filled with security flaws, researchers warn
We are living in an increasingly interconnected world, and the so-called Internet of Things is our (inescapable) future. But how safe will we, our possessions and our …
Free iPhone app for encrypted phone calls released
There is finally a free alternative for all iOS users who are looking to encrypt their voice calls: the app is called Signal, and has been developed by the Open Whisper …
Researchers successfully attack Android through device’s speaker
A group of researchers from the Chinese University of Hong Kong have demonstrated that even applications with zero permissions can be used to launch attacks that allow …
I2P patched against de-anonymizing 0-day, Tails integration still to follow
Developers of the I2P anonymous networking tool have released a new version (0.9.14) of the tool that fixes XSS and remote execution vulnerabilities reported by Exodus …
AV engines are riddled with exploitable bugs
A security researcher has found a great number of exploitable vulnerabilities in popular security solutions and the AV engines they use, proving not only that AV engines are …
A peek into Police Locker’s distribution infrastructure
An analysis of the distribution infrastructure for the bothersome Android “Police Locker” ransomware has revealed that the attackers behind it are not putting all …
Featured news
Resources
Don't miss
- Balancing usability and security in the fight against identity-based attacks
- MSSqlPwner: Open-source tool for pentesting MSSQL servers
- Critical SimpleHelp vulnerabilities fixed, update your server instances!
- Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them?
- New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344)