Zeljka Zorz
Convincing “Urgent Windows Error Fix” phishing email doing rounds
A pretty convincing email phishing campaign is targeting one of the largest user bases out there – those who use Microsoft’s Windows OS – by taking advantage …
Lavabit users allowed to access accounts and retrieve data
Lavabit’s Ladar Levison has announced that the users of his recently closed down email service will be able to briefly access their accounts so that they can retrieve …
Solving the dilemma of vulnerability exploitation disclosure
The subject of software and hardware vulnerability disclosure has been debate time and time again, and most agree that, if possible, vulnerabilities should first be disclosed …
Strengths and weaknesses of MS SmartScreen filter
Microsoft’s SmartScreen application control feature, introduced with Internet Explorer 8 and lately ported to Windows 8 is a good addition to the new OS. It might …
The many security problems of ATMs
As much as they are useful, ATMs are also very vulnerable to tampering and attacks from individuals looking for money. eWeek reports that at the SecTor security conference …
Facebook makes every user discoverable by name
Once again, Facebook is doing away with a feature that many users didn’t even know they could use, but a small, privacy-conscious minority is glad to have (had). Almost …
EFF leaves the Global Network Initiative
With an open letter addressed to members of the Board of Directors of the Global Network Initiative (GNI), the Electronic Frontiers Foundation (EFF) has officially resigned …
Patched IE zero-day and older flaw exploited in ongoing targeted attacks
With this month’s Patch Tuesday, Microsoft has delivered the patch for the infamous Internet Explorer zero-day (CVE-2013-3893) that has been spotted being used in …
Bogus AmEx “Unusual activity detected” email leads to phishing
An extremely thorough phishing campaign is currently targeting American Express customers by trying to make them believe that access to their account will be restricted within …
Google offers rewards for code improvements to open source programs
Google has announced that they plan to reward researchers who aim to “improve the security of key third-party software critical to the health of the entire …
Police requests DNS provider to take down criminal site, CEO asks for court order
Mark Jeftovic, the CEO of Toronto-based domain registrar and managed DNS provider EasyDNS, has published a (second) letter his company received from UK’s Police …
Bogus Facebook login page steals credentials, pushes malware
Symantec researchers have recently stumbled upon a phishing site that packs a double whammy: the site asks the user either to log into Facebook or to download an app in order …
Featured news
Resources
Don't miss
- Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them?
- New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344)
- Webinar: Amplifying SIEM with AI-driven NDR for IT/OT convergence
- How CISOs can elevate cybersecurity in boardroom discussions
- A humble proposal: The InfoSec CIA triad should be expanded