Zeljka Zorz
Highly targeted attacks exploiting Windows MHTML vulnerability
A recent surge in attacks against a variety of sites that exploit a MHTML XSS vulnerability publicly disclosed in January – and which still hasn’t been patched by …
PKI Uncovered: Certificate-Based Security Solutions for Next-Generation Networks
The management of identities and online authentication are two problems to which so far only Public Key Infrastructure (PKI) has managed to give a secure and scalable answer …
Anti-phishing tool detects fraudulent sites by analyzing their elements
A Hong Kong City University professor that concentrates his effort on ways for combating phishing has recently made public a piece of software that proactively detects …
“Japanese Tsunami RAW Tidal Wave Footage” scam on Facebook
As the Japanese tragedy unfolds, so do the various online scams taking advantage of people’s interest in the situation. We have already witnessed black hat SEO poisoning …
Pwn2Own: iPhone and Blackberry hacked
On the second day of the Pwn2Own contest held at the CanSecWest conference, iPhone and Blackberry devices have been successfully exploited, while the scheduled Android and …
Spoofed reported attack pages lead to ransomware
Spoofed reported attack pages have been the lure of choice of fake AV and ransomware peddlers for quite some time now, so it shouldn’t come as a surprise that a recent …
Japan earthquake search results already poisoned
It didn’t take long for malware pushers to take advantage of Internet users’ hunger for news and videos from Japan after it was hit today by the most powerful …
Google Android security tool found repackaged with malware
In a what should actually not be a wholly unexpected turn of events, the Android Market security update – pushed to Android users whose devices where affected by one or …
Zeus toolkit with “ghost” panel for better evasion
The last version of the Zeus builder before author Monstr/Slavik gave up its source code to the author of the SpyEye toolkit is 2.0.8.9, and it’s still being offered on …
Should antivirus vendors block state malware?
The question was raised by security firm F-Secure after the news that documents found in the recently raided Headquarters of the Egyptian State Security revealed that its …
Pwn2Own: Safari and IE8 go down, Chrome’s attacker a no-show
The results of the first day of the Pwn2Own contest held each year at the CanSecWest conference are the following: Safari and IE8 went down, Chrome is still unscathed due to a …
Free, open source exploit kit offered online
Among the various exploit kits for sale out there it seems there is one that aspiring cyber crooks can use for free. Researchers from M86 have stumbled upon it by chance, and …