Collaborate Disseminate
An unprotected database belonging to JustDial, India’s largest local search service, is leaking personally identifiable information of its every customer in real-time who accessed the service via its website, mobile app, or even by calling on its fancy… Continue reading Over 100 Million JustDial Users’ Personal Data Found Exposed On the Internet
The Apache Software Foundation (ASF) has released new versions of its Tomcat application server to address an important security vulnerability that could allow a remote attacker to execute malicious code and take control of an affected server.
Develop… Continue reading Apache Tomcat Patches Important Remote Code Execution Flaw
Libssh2, a popular open source client-side C library implementing the SSHv2 protocol, has released the latest version of its software to patch a total of nine security vulnerabilities.
The Libssh2 library is available for all major distributors of the… Continue reading Libssh Releases Update to Patch 9 New Security Vulnerabilities
Welcome to the seventh post of a series on understanding the Payment Card Industry Data Security Standard–PCI DSS. We want to show how PCI DSS affects anyone going through the compliance process using the PCI SAQ’s (Self Assessment Questio… Continue reading PCI for SMB: Requirement 10 & 11 – Regularly Monitor and Test Networks
A massive government data belonging to the Oklahoma Department of Securities (ODS) was left unsecured on a storage server for at least a week, exposing a whopping 3 terabytes of data containing millions of sensitive files.
The unsecured storage server… Continue reading Unprotected Government Server Exposes Years of FBI Investigations
Cybersecurity researcher has discovered online a massive database containing records of more than 202 million Chinese citizens that remained accessible to anyone on the Internet without authentication until last week.
The unprotected 854.8 gigabytes o… Continue reading Over 202 Million Chinese Job Seekers’ Details Exposed On the Internet
In the first post of this series, we discussed some of the main website security threats. Knowing the website security environment is a vital part of a good website posture. However, it is also important to be aware of what to do to strengthen your we… Continue reading How to Improve Your Website Security Posture – Part II
In order to clean a malware infection, the first thing we need to know is which files have been compromised. At Sucuri, we use several techniques including whitelists, blacklists, and anomaly checks. In this blog post, we’re going to be focusing… Continue reading Core Integrity Verifications
Well, there’s something quite embarrassing for Apple fans.
Though Apple servers are widely believed to be unhackable, a 16-year-old high school student proved that nothing is impossible.
The teenager from Melbourne, Australia, managed to break into A… Continue reading 16-Year-Old Teen Hacked Apple Servers, Stole 90GB of Secure Files
This post provides a brief overview of how to manually remove server-side cryptominers and other types of Binary-Process-Cron malware from a server. Unlike browser-based JavaScript cryptominers that have been injected into a web page, a binary server-… Continue reading Cryptominers: Binary-Process-Cron Variants and Methods of Removal