Zeljka Zorz
OAuth flaw allowed researcher full access to any Facebook account
A flaw in Facebook’s OAuth system that allows the communication between applications and users has enabled web application security specialist Nir Goldshlager to gain …
Zendesk hack endangers Tumblr, Twitter and Pinterest users
Popular customer service software provider Zendesk has announced that they have been hacked. “We’ve become aware that a hacker accessed our system this week. As …
Mandiant APT1 report used as a lure in phishing campaigns
Mandiant is warning that two malicious versions of their recently released APT1 report have been detected being used as lures in two distinct email phishing campaigns. The …
NBC website serving malware – stay away!
NBC’s website has been compromised, and is redirecting users to malicious sites, reports Dancho Danchev. According to HitmanPro, the website has been injected with …
Advanced Persistent Threat
As more and more information becomes available and is stored in electronic form, the logical consequence is that APT actors will focus on breaching networks and systems on …
Rogue Chrome extension hijacks Facebook accounts
Chrome users, beware of an extension by the name of “Business Flash Player”. According to Bitdefender senior e-threat analyst Bogdan Botezatu, the link to download …
Google account hijacking dramatically reduced
Google employs many security measures to thwart would-be Google account hijackers, and not all are highly visible as the two-factor authentication option introduced in 2010 …
Adobe patches Acrobat and Reader, Mozilla debuts Firefox built-in PDF viewer
Adobe has pushed out the announced update for Acrobat and Reader that patches the two vulnerabilities that were recently exploited in attacks in the wild. But, the popularity …
Twitter entreats users to use better passwords
Twitter is urging users once again to improve their passwords – both on Twitter and on other online services. Apart from the usual advice on using longer, more complex, …
Oracle, Apple release critical updates for Java
Oracle has released on Tuesday a new Java SE Critical Patch Update. “This Critical Patch Update includes all fixes provided in the Oracle Java SE Critical Patch Update …
Apple confirms being hit in recent watering hole attack
Apple has become the latest big company to confirm they’ve been affected by the watering hole attacks that resulted in the compromise of Twitter and Facebook networks, …
Chinese Army unit is behind cyber espionage campaigns, researchers claim
Mandiant, the computer forensic and incident response firm that got called in following the recent breaches of the New York Times‘ and Wall Street Journal‘s …