Zeljka Zorz
Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics
In a recently released whitepaper, Trend Micro researchers have shared many details about a long-standing economic and political cyber-espionage operation they dubbed Pawn …
Attackers bypass Sandworm patch with new 0-day
The Sandworm vulnerability has been patched, but unfortunately attackers have discovered a way to bypass the patch and continue with their targeted attacks. “As with …
Two exploit kits prey on Flash Player flaw patched only last week
Two exploit kits have been outfitted with the exploit for a Flash Player vulnerability that has been patched only a week ago, the researcher that goes by the handle Kafeine …
Apple warns about organized network attacks against iCloud users
In the wake of the claims that the Chinese authorities have mounted a MITM attack against iCloud and Microsoft account holders by redirecting them to spoofed login pages, …
Windows 0-day exploited in ongoing attacks, temporary workarounds offered
Microsoft is warning users about a new Windows zero-day vulnerability that is being actively exploited in the wild and is primarily a risk to users on servers and workstations …
Attackers change home routers’ DNS settings via malicious code injected in ads
Sucuri Security researchers have unearthed a malvertising campaign aimed at changing the DNS settings of home routers in order to lead users questionable and potentially …
Malware directs stolen documents to Google Drive
Researchers have uncovered a new type of information-stealing malware that is apparently used in campaigns targeting government agencies and can syphon files from compromised …
2FA: Google offers physical alternative to verification codes
Google is offering an alternative second factor for its two-step account verification option, one that has the additional advantage of thwarting phishing attacks. It’s …
OS X Yosemite’s Spotlight Suggestions: Privacy killer or not?
With last week’s official release of OS X Yosemite (v10.10), Apple has solved some critical security issues that could adversely affect users. But the new version of the …
Staples customers likely the latest victims of credit card breach
International office supply chain store Staples is likely the latest retailer to have suffered a credit card breach. “Multiple banks say they have identified a pattern …
Delivering malicious Android apps hidden in image files
Researchers have found a way to deliver a malicious app to Android users by hiding it into what seems to be an encrypted image file, which is then delivered via a legitimate, …
China executes MITM attack against iCloud and Microsoft account holders
China-based Internet users are in danger of getting their iCloud and Windows Live accounts hijacked and all the information in them slurped up by the Chinese authorities, web …
Featured news
Resources
Don't miss
- Okta users under attack: Modern phishing kits are turbocharging vishing attacks
- One-time SMS links that never expire can expose personal data for years
- More employees get AI tools, fewer rely on them at work
- Energy sector orgs targeted with AiTM phishing campaign
- Exposed training apps are showing up in active cloud attacks