Collaborate Disseminate
Cloudflare has fixed an issue where its customer traffic was leaking memory that included sensitive information including authentication cookies, POST data and more. Continue reading Cloudflare Bug Leaks Sensitive Data
Existing mitigations and limitations around a newly disclosed Linux kernel vulnerability in the DCCP module mute the potential impact of local attacks. Continue reading Impact of New Linux Kernel DCCP Vulnerability Limited
Newly disclosed FTP injection vulnerabilities in Java and Python that are fueled by rather common XML External Entity (XXE) flaws allow for firewall bypasses. Continue reading Java, Python FTP Injection Attacks Bypass Firewalls
Newly disclosed FTP injection vulnerabilities in Java and Python that are fueled by rather common XML External Entity (XXE) flaws allow for firewall bypasses. Continue reading Java, Python FTP Injection Attacks Bypass Firewalls
Sites still vulnerable to a REST API endpoint flaw in WordPress are now being targeted by attackers trying to turn a profit. Continue reading Criminals Monetizing Attacks Against Unpatched WordPress Sites
New file-sharing protocols and interfaces called Upspin have been released to open source. Built by Google, Upspin returns access control and data security to the user. Continue reading Google Upspin Secure File-Sharing Released to Open Source
A Windows-based botnet is spreading a Mirai variant that is also capable of spreading to Linux systems under certain conditions, Kaspersky Lab researchers said. Continue reading Windows Botnet Spreading Mirai Variant
A Windows-based botnet is spreading a Mirai variant that is also capable of spreading to Linux systems under certain conditions, Kaspersky Lab researchers said. Continue reading Windows Botnet Spreading Mirai Variant
SMTP Strict Transport Security is coming to major webmail providers this year, a Google engineer said at RSA Conference Continue reading SMTP Strict Transport Security Coming Soon to Gmail, Other Webmail Providers
Researchers from Dell SecureWorks infiltrated a Nigerian business email spoofing and business email compromise operation, shutting down a number of money mule accounts in the process. Continue reading Turning Tables on Nigerian Business Email Scammers