63 billion credential stuffing attacks hit retail, hospitality, travel industries

Akamai published a report detailing criminal activity targeting the retail, travel, and hospitality industries with attacks of all types and sizes between July 2018 and June 2020. The report also includes numerous examples of criminal ads from the dark… Continue reading 63 billion credential stuffing attacks hit retail, hospitality, travel industries

The gaming community is a rising target for credential stuffing attacks

Hackers have targeted the gaming industry by carrying out 12 billion credential stuffing attacks against gaming websites within the 17-month period analyzed in the report (November 2017 – March 2019) by Akamai. 55 billion credential stuffing attacks Th… Continue reading The gaming community is a rising target for credential stuffing attacks

Here we go again: DDoS attacks on the rise!

Newly released data shows that DDoS and web application attacks are on the rise once again, according to Akamai’s Second Quarter, 2017 State of the Internet / Security Report. Contributing to this rise was the PBot DDoS malware which re-emerged as the foundation for the strongest DDoS attacks seen by Akamai this quarter. In the case of PBot, malicious actors used decades-old PHP code to generate the largest DDoS attack observed by Akamai in the … More Continue reading Here we go again: DDoS attacks on the rise!

Telegram-Controlled Hacking Tool Targets SQL Injection at Scale

The Katyusha Scanner can find SQL injection bugs at scale, and is managed via the Telegram messenger on any smartphone. Continue reading Telegram-Controlled Hacking Tool Targets SQL Injection at Scale

Top-ranked programming Web tutorials introduce vulnerabilities into software

Researchers from several German universities have checked the PHP codebases of over 64,000 projects on GitHub, and found 117 vulnerabilities that they believe have been introduced through the use of code from popular but insufficiently reviewed tutorials. The process The researchers identified popular tutorials by inputing search terms such as “mysql tutorial”, “php search form”, “javascript echo user input”, etc. into Google Search. The first five results for each query were then manually reviewed and … More Continue reading Top-ranked programming Web tutorials introduce vulnerabilities into software

PunkSPIDER – A Web Vulnerability Search Engine

PunkSPIDER is a global-reaching web vulnerability search engine aimed at web applications. The goal is to allow the user to determine vulnerabilities in websites across the Internet quickly, easily, and intuitively. Please use PunkSPIDER responsibly. I… Continue reading PunkSPIDER – A Web Vulnerability Search Engine