Zeljka Zorz
Unraveling the South Korean cyberattacks
Wednesday’s news that the networks of several South Korean broadcasting organizations and banks have been partially or entirely crippled by coordinated attacks has …
Cisco devices saddled with weakened password encryption
Instead of improving it, an implementation issue has left a “limited” number of Cisco IOS and Cisco IOS XE releases with a weaker password hashing algorithm, …
Researcher points out critical Samsung Android phone vulnerabilities
Tired of waiting for Samsung to fix a string of critical flaws in their smartphones running Android, Italian security researcher Roberto Paleari has decided to inform the …
Researcher ropes poorly protected devices into botnet to map the Internet
A fascinating but technically illegal experiment conducted by an anonymous researcher has witnessed over 420,000 Internet-connected devices being roped into a botnet that …
Hacktivists leak info on undercover Montreal police officers
The names, phone numbers and job titles of thousands of police officers and other employees of the Montreal police department (Service de police de la Ville de Montreal, or …
Chinese military hacker unit cleaning up its tracks
When the computer forensic and incident response firm Mandiant publicly released their report on the Chinese military hacking unit dubbed APT1, they predicted that the group …
Client-Side Attacks and Defense
Whether it's security vulnerabilities in software used by millions of home users and employees, or the natural human tendency to trust what comes at us, but even the most …
Massive Chameleon botnet steals $6M per month from advertisers
Web traffic analytics firm spider.io has discovered a massive botnet that emulates human visitors in order to earn its master(s) over $6 million per month from online …
Malware pushers poison MSN Messenger search results
As the date when the MSN Messenger is scheduled to be phased out speedily approaches, it is getting harder to find an installer for it online, so malware peddlers gave rushed …
Internal name SSL certificates could be exploited for MitM atacks
The Certificate Authority practice of issuing “Internal Name” certificates for private domains which are currently non-resolvable by the Domain Name System could …
Security firm publishes details about Java issue, asks for second opinion
Making good on their promise, Security Exploration has published technical details about a Java issue that they consider to be a security vulnerability, but Oracle has …
Beware of fake Candy Crush apps on Google Play
Whenever a mobile game becomes hugely popular, it also becomes a great way for scammers and malware peddlers to lure users into unknowingly installing malicious apps on their …
Don't miss
- Contextal Platform: Open-source threat detection and intelligence
- Using cognitive diversity for stronger, smarter cyber defense
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws
- Fortinet fixes FortiOS zero-day exploited by attackers for months (CVE-2024-55591)
- Malicious actors’ GenAI use has yet to match the hype