FireEye releases open source managed password cracking tool
FireEye has released GoCrack, an open source tool for managing password cracking tasks across multiple machines. “Simply deploy a GoCrack server along with a worker on …
Researchers analyze 3,200 unique phishing kits
Most phishing sites are quickly detected and access to them is blocked, but not matter how fast the “takedown” happens, the number of victims is still large enough …
Oracle releases emergency Oracle Identity Manager patch
Oracle has issued an out-of-cycle patch that plugs a critical vulnerability (CVE-2017-10151), affecting Oracle Identity Manager, its widely-used enterprise identity management …
Most organizations and consumers believe there is a need for IoT security regulation
90% of consumers lack confidence in the security of Internet of Things (IoT) devices. This comes as more than two-thirds of consumers and almost 80% of organizations support …
Higher education CIOs expect business model change due to digital transformation
Higher education CIOs recognize that key organizational priorities are enrollment and student success, but fail to show innovation with regard to the top technologies required …
Cryptocurrency-mining script planted in apps on Google Play
Coinhive’s cryptocurrency-mining script has found its way into mobile apps offered on Google Play. Trend Micro researchers have spotted two apps that have been equipped …
Firefox will soon block canvas-based browser fingerprinting attempts
Starting with Firefox 58, users will be able to refuse websites’ requests for information extracted via the HTML5 canvas element, which can be used to fingerprint their …
Malicious Chrome extension steals all data
There’s a glut of malicious Google Chrome extensions out there, but some are more harmful than others. The one that SANS ISC incident handler Renato Marinho has dubbed …
Chris Eng: An infosec journey from offense to defense
“Come to my lab, I promise you’ll learn something cool,” a friend told Chris Eng. Within a couple of hours, he had walked him through writing an exploit for …
Seagate launches SkyHawk AI, the first HDD for AI-enabled surveillance
Seagate announced its SkyHawk AI hard disk drive, the first drive created specifically for artificial intelligence enabled video surveillance solutions. SkyHawk AI provides …
Week in review: Windows 10 anti-ransomware, secure remote browsing, infosec and media
Here’s an overview of some of last week’s most interesting news and articles: NotPetya successor Bad Rabbit hits orgs in Russia, Ukraine Bad Rabbit ransomware, …
Researchers turn LG’s Hom-Bot vacuum cleaner into a real-time spying device
Check Point researchers have discovered a vulnerability in LG’s smart home infrastructure that could have allowed hackers to take over the legitimate user’s account and, …
Featured news
Resources
Don't miss
- Released: MITRE ATT&CK v17.0, now with ESXi attack TTPs
- Attackers phish OAuth codes, take over Microsoft 365 accounts
- When confusion becomes a weapon: How cybercriminals exploit economic turmoil
- SWE-agent: Open-source tool uses LLMs to fix issues in GitHub repositories
- PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433)