Zeljka Zorz
Apple-notarized malware foils macOS defenses
Shlayer adware creators have found a way to get their malicious payload notarized by Apple, allowing it to bypass anti-malware checks performed by macOS before installing any …
Attackers are exploiting two zero-day flaws in Cisco enterprise-grade routers
A technical support intervention has revealed two zero-day vulnerabilities in the OS running on Cisco enterprise-grade routers that attackers are trying to actively exploit. …
Confirmed: Browsing histories can be used to track users
Browsing histories can be used to compile unique browsing profiles, which can be used to track users, Mozilla researchers have confirmed. There are also many third parties …
The state of GDPR compliance in the mobile app space
Among the rights bestowed upon EU citizens by the General Data Protection Regulation (GDPR) is the right to access their personal data stored by companies (i.e., data …
ATM makers fix flaws allowing illegal cash withdrawals
ATM manufacturers Diebold Nixdorf and NCR have fixed a number of software vulnerabilities that allowed attackers to execute arbitrary code with or without SYSTEM privileges, …
Fileless worm builds cryptomining, backdoor-planting P2P botnet
A fileless worm dubbed FritzFrog has been found roping Linux-based devices – corporate servers, routers and IoT devices – with SSH servers into a P2P botnet whose …
Kali Linux 2020.3 released: A new shell and a Bluetooth Arsenal for NetHunter
Offensive Security has released Kali Linux 2020.3, the latest iteration of the popular open source penetration testing platform. You can download it or upgrade to it. Kali …
Updated cryptojacking worm steals AWS credentials
A malicious cryptocurrency miner and DDoS worm that has been targeting Docker systems for months now also steals Amazon Web Services (AWS) credentials. What’s more, …
Chrome 86 will prominently warn about insecure forms on secure pages
Entering information into and submitting it through insecure online forms will come with very explicit warnings in the upcoming Chrome 86, Google has announced. The new alerts …
Potential Apache Struts 2 RCE flaw fixed, PoCs released
Have you already updated your Apache Struts 2 to version 2.5.22, released in November 2019? You might want to, and quickly, as information about a potential RCE vulnerability …
State-backed hacking, cyber deterrence, and the need for international norms
As time passes, state-backed hacking is becoming an increasingly bigger problem, with the attackers stealing money, information, credit card data, intellectual property, state …
Intel, SAP, and Citrix release critical security updates
August 2020 Patch Tuesday was expectedly observed by Microsoft and Adobe, but many other software firms decided to push out security updates as well. Apple released iCloud for …