The Memcached vulnerability has been used in record-breaking DDoS attacks. Various proof-of-concept scripts have been released to exploit the vulnerability. Hackers have recently been exploiting a vulnerability in the MemcachedRead More →
A loophole in Facebook’s advertising targeting mechanism could have let attackers obtain users’ phone numbers after they visited websites the attackers controlled, a group of information security training professionals revealedRead More →
A previously undisclosed vulnerability in Nike’s website allowed anyone with a few lines of code to read server data like passwords, which could have provided greater access to the company’sRead More →
A massive amplification DDoS attack hit an undisclosed US-based company, setting new record just days after a similar attack took down GitHub. A DDoS attack using the Memcached vulnerability toRead More →
The number of Flash Player exploits has recently declined, due to Adobe’s introduction of various measures to strengthen Flash’s security. Occasionally, however, an exploit still arises. On January 31, Kr-Cert reported aRead More →
In modern Intel processors, there’s a hardware extension available named Software Guard Extension (SGX) to improve the security aspects. It provides a shielded execution environment called ‘enclaves’ to deal withRead More →
Vulnerability in Pivotal’s Spring Data REST allows remote hackers to execute arbitrary commands on any machine that runs an application built using its components. The vulnerability was tracked as CVE-2017-8046Read More →
RMH Franchise Holdings revealed on Friday afternoon that PoS (point of sale) systems at the Applebee’s restaurants were infected with a PoS malware. According to information security training specialists, the PoS malwareRead More →
A flight of new research papers show 4G LTE networks can be exploited for all sorts of badness. There have been lots of reasons to be concerned about how easilyRead More →
Introduction When performing an application assessment one of the areas within an app I pay particular attention to is any ability to define custom templates. By this I mean functionalityRead More →
