PHP project fixes issues affecting all PHP versions 5.3+ A team of three researchers went so far as to search and discover a PHP zero-day so they could hack PornHub asRead More →
Misbehaving hidden service directories are scattered around the world. The trust of the Tor anonymity network is in many cases only as strong as the individual volunteers whose computers form itsRead More →
Far too many otherwise intelligent and talented software developers these days apparently think they can get away with writing, selling and supporting malicious software and then couching their commerce asRead More →
Android Stagefright like attack for iPhone, All it takes is a specially crafted message to hack your iPhone If you remember the Stagefright vulnerability in Android discovered in July last year, youRead More →
In part one of our web shell series we analyzed recent trends, code bases, and explored defensive mitigations. In part two we investigate a new web shell created by Chinese-speakingRead More →
Sites exploited by SoakSoak bots give the gift of CryptXXX malware. If you’ve visited the do-it-yourself project site of Dunlop Adhesives, the official tourism site for Guatemala, or a numberRead More →
Increasingly, browsers are taking on a central role in our daily lives. With web apps for everything, we have placed our most intimate data on online services such as Facebook,Read More →
Malicious macros made a comeback in 2015 to deliver malware. Now we’re seeing phishing emails use macros in Excel attachments to steal sensitive banking details. In 2015, we saw maliciousRead More →
Office exploit kits updates drop support for CVE-2012-0158. Two newer vulnerabilities targeting the Microsoft Office suite have become very popular in recent months, as Office exploit kit makers have updated theirRead More →
Chap responsible for very early nodes says ‘recent events’ make it impossible to continue. Tor’s annus horribilus continues, with one of its earliest contributors, Lucky Green, quitting and closing downRead More →
