Trial Ends in Guilty Verdict for DDoS-for-Hire Boss
A jury in California today reached a guilty verdict in the trial of Matthew Gatrel, a St. Charles, Ill. man…
Financial Cybercrime: Following Cryptocurrency via Public Ledgers
John Hammond, security researcher with Huntress, discusses a wallet-hijacking RAT, and how law enforcement recovered millions in Bitcoin after the…
Airline Credential-Theft Takes Off in Widening Campaign
A spyware effort bent on stealing cookies and logins is being driven by unsophisticated attackers cashing in on the initial-access-broker…
HTML Smuggling: A Resurgent Cause for Concern
By Vinay Pidathala, Director of Security Research, Menlo Security Cybersecurity is never straightforward. While defense techniques, technologies, policies […] The…
Updates on healthcare and school system data breaches. T-Mobile privacy lawsuits headed for consolidation.
T-Mobile data breach lawsuits headed for consolidation. Data exposure at a Saskatchewan school system. Georgia healthcare provider criticized for poor…
Azure Zero-Day Flaws Highlight Lurking Supply-Chain Risk
Dubbed OMIGOD, a series of vulnerabilities in the Open Management Infrastructure used in Azure on Linux demonstrate hidden security threats,…
FBI, CISA, CGCYBER Warn of APTs Targeting CVE-2021-40539
Advanced persistent threat attackers are exploiting a newly identified vulnerability in Zoho ManageEngine ADSelfService Plus, according to a joint advisory…
3 security lessons from an MSP that survived the Kaseya VSA attack
An Indiana-based MSP offers lessons in what needs to change following the Kaseya VSA ransomware attack. Jay Tipton, chief executive…
Ulfius Web Framework Remote Memory Corruption
Authored by Jeremy Brown Ulfius Web Framework suffers from a remote memory corruption vulnerability. When parsing malformed HTTP requests, a…
DMA Softlab Radius Manager 4.4.0 Session Management / Cross Site Scripting
Authored by bnu1s DMA Softlab Radius Manager version 4.4.0 chained exploit written in go that exploits session management and cross…