Zeljka Zorz
0-day Microsoft Word flaw exploited in targeted attacks
Microsoft has issued a security advisory warning of a remote code execution vulnerability that is being exploited in “limited, targeted attacks directed at Microsoft …
Flaws in Android update mechanism could turn apps into malware
A group of researchers from Indiana University and Microsoft Research have unearthed six Android vulnerabilities that can be exploited to turn apparently harmless apps into …
10,000 GitHub users inadvertently reveal their AWS secret access keys
GitHub developers who are also Amazon Web Services users are advised to check the code they made public on their project pages and to delete secret access keys for their AWS …
Basecamp gets DDoSed and blackmailed
Basecamp, formerly known as 37signals, has managed to largely mitigate a DDoS attack that started today (March 24) at 8:46 central time and which made its services unavailable …
NSA compromised Huawei’s servers, spied on its executives
For years, the US government has been very vocal about its distrust of Chinese telecommunication giant Huawei, pointedly blocking acquisitions and takeovers that would allow …
Gmail users get full, always-on HTTPS
Google has made good on its word and has introduced default encryption for all Gmail users. “Starting today, Gmail will always use an encrypted HTTPS connection when you …
NSA targets sys admins to breach computer networks
A newly analyzed document from Edward Snowden’s trove show that the NSA collects personal and account information on system administrators and uses it to compromise …
Bitcoin software update fixes transaction ID malleability bugs
Bitcoin Core – as the Bitcoin infrastructure software has been renamed to in order to avoid confusion with the the Bitcoin network – has been updated to make, …
Microsoft accessed Hotmail account to uncover internal leaker
This week’s charging of a former Microsoft employee for stealing the company’s trade secrets could have passed almost unnoticed were it not for an important detail …
BlackOS malicious web traffic managing software is on sale
Security researchers are keeping a close eye on underground cybercrime forums and are quick to spot new offerings, such as the BlackOS software package. Not to be confused …
US tech firms knew about and assisted with PRISM data collection
In a testimony before the Privacy and Civil Liberties Oversight Board, the NSA general council Rajesh De and his colleague stated on Wednesday that the tech companies that …
Over 31,000 IoT devices and computers infected by cryptocoin-mining worm
A new version of the Darlloz Linux worm, which targets Internet-enabled devices such as home routers and security cameras, computers running Intel x86 architectures as well as …
Featured news
Resources
Don't miss
- Why your security team feels stuck
- It’s time to give AI security its own playbook and the people to run it
- Kanvas: Open-source incident response case management tool
- 6 eye-opening books on AI’s rise, risks, and realities
- Check for CitrixBleed 2 exploitation even if you patched quickly! (CVE-2025-5777)