TeamTNT hackers target your poorly configured Docker servers
Poorly configured Docker servers and being actively targeted by the TeamTNT hacking group in an ongoing campaign started last month.…
New Magecart group uses an e-Skimmer that avoids VMs and sandboxes
A new Magecart group leverages a browser script to evade virtualized environments and sandboxes used by researchers. Malwarebytes […] The…
API Security Issues Hinder Application Delivery
A new survey explains why nearly all organizations experience API security problems to varying degrees.
Microsoft Expands Security to AWS in Multicloud Push
Microsoft will expand its cloud security tools to AWS within a suite called Defender for Cloud and launch a new…
Microsoft Defender for Windows is getting a massive overhaul
Microsoft Defender for Windows is getting a massive overhaul allowing home network admins to deploy Android, iOS, and Mac clients…
Free Tool Scans Web Servers for Vulnerability to HTTP Header-Smuggling Attacks
A researcher will release an open source tool at Black Hat Europe next week that roots out server weaknesses to…
Understanding the Human Communications Attack Surface
Companies should recognize that collaboration platforms aren't isolated, secure channels where traditional threats don't exist.
WordPress plugin bug impacts 1M sites, allows malicious redirects
The OptinMonster plugin is affected by a high-severity flaw that allows unauthorized API access and sensitive information disclosure on roughly…
Cybercriminals Ramp Up Attacks on Web APIs
As more organizations use application programming interfaces for Web applications, attacks and security incidents targeting APIs continue to grow.
Malicious NPM libraries install ransomware, password stealer
Malicious NPM packages pretending to be Roblox libraries are delivering ransomware and password-stealing trojans on unsuspecting users. [...]