Zeljka Zorz
Client-Side Attacks and Defense
Whether it's security vulnerabilities in software used by millions of home users and employees, or the natural human tendency to trust what comes at us, but even the most …
Massive Chameleon botnet steals $6M per month from advertisers
Web traffic analytics firm spider.io has discovered a massive botnet that emulates human visitors in order to earn its master(s) over $6 million per month from online …
Malware pushers poison MSN Messenger search results
As the date when the MSN Messenger is scheduled to be phased out speedily approaches, it is getting harder to find an installer for it online, so malware peddlers gave rushed …
Internal name SSL certificates could be exploited for MitM atacks
The Certificate Authority practice of issuing “Internal Name” certificates for private domains which are currently non-resolvable by the Domain Name System could …
Security firm publishes details about Java issue, asks for second opinion
Making good on their promise, Security Exploration has published technical details about a Java issue that they consider to be a security vulnerability, but Oracle has …
Beware of fake Candy Crush apps on Google Play
Whenever a mobile game becomes hugely popular, it also becomes a great way for scammers and malware peddlers to lure users into unknowingly installing malicious apps on their …
Andrew Auernheimer gets prison sentence for AT&T iPad “hack”
Andrew “weev” Auernheimer, security researcher and member of Goatse Security, has been handed a 41-month-long prison sentence for harvesting and publishing emails …
Who is attacking industrial control systems?
Since the discovery of Stuxnet, industrial control systems (ICS) and supervisory control and data acquisition (SCADA) networks have received a fair share of attention from …
Massive casino scam pulled off via CCTV system compromise
A high-rolling player has been thrown out of a casino in Australia after having successful executed a scam that involved compromising of the gambling establishment’s …
Becoming a malware analyst
There are few jobs in this industry that seem as appealing and interesting to me as that of a malware analyst. In my mind, these professionals were waking up each day to …
“Confidential document on Google Docs” leads to account hijacking
A simple phishing scam aimed at harvesting users’ Google credentials is hitting inboxes around the world, warns Hoax-Slayer. “Please view the document i uploaded …
New ZeuS-based modular rootkit offered to cybercriminals
Given the popularity of the Zeus crimeware, and the fact that its source code has been ultimately offered for sale at bargain basement prices, it’s no wonder that every …
Featured news
Resources
Don't miss
- Okta users under attack: Modern phishing kits are turbocharging vishing attacks
- One-time SMS links that never expire can expose personal data for years
- More employees get AI tools, fewer rely on them at work
- Energy sector orgs targeted with AiTM phishing campaign
- Exposed training apps are showing up in active cloud attacks