Black Hat
Samy Kamkar, in an incredibly interesting session at Black Hat titled “How I Met Your Girlfriend,” highlighted new types attacks executed from the Web.
Hi, what are you looking for?
SecurityWeek
Cloud Security
JFrog raises an alarm after finding three large-scale malware campaigns targeting Docker Hub with imageless repositories.
Malware & Threats
Three vulnerabilities in the Judge0 open source service could allow attackers to escape the sandbox and obtain root privileges on the host.
Vulnerabilities
A vulnerability (CVE-2024-27322) in the R programming language implementation can be exploited to execute arbitrary and be used as part of a supply chain...
Malware & Threats
More than 1,400 CrushFTP servers remain vulnerable to an actively exploited zero-day for which PoC has been published.
Vulnerabilities
The Brocade SANnav management application is affected by multiple vulnerabilities, including a publicly available root password.
Nation-State
Cisco warns that nation state-backed hackers are exploiting at least two zero-day vulnerabilities in its ASA firewall platforms to plant malware on telecommunications and...
Vulnerabilities
Microsoft this week announced an agreement to collaborate with Adobe systems and facilitate advanced information sharing on vulnerabilities via its Microsoft Active Protections Program...
Black Hat
The presentation "Jackpotting Automated Teller Machines" was originally on the schedule at Black Hat USA 2009 but the talk was pulled at the last...
Black Hat
The presentation "Jackpotting Automated Teller Machines" was originally on the schedule at Black Hat USA 2009 but the talk was pulled at the last...
Application Security
Today at Black Hat USA 2010 in Las Vegas, Qualys will unveil an open source web application fingerprinting engine that identifies application and plugin...
Black Hat
Sourcefire Razorback - Open Source Framework Ties Together Various Threat Collection and Detection TechnologiesSourcefire, Inc. (Nasdaq:FIRE), a provider cybersecurity solutions, this week is launching Razorback,...
Vulnerabilities
Qualys today announced that its QualysGuard Vulnerability Management (VM) now includes correlated exploitability information from real-time feeds to provide customers with up-to-date references to...
Application Security
Fifty-six percent of companies that have deployed interactive Web 2.0 applications have taken steps to prevent hacking, and the other 46 percent should, according...
Application Security
Core Security, maker of penetration testers used by “red teams” to identify security vulnerabilities, today announced beta availability of a fully automated testing solution...
Application Security
Enterprise Website Vulnerability Management Product Updated With Enhanced User and Role Management, New Reporting Capabilities and Stronger Access Control
Data Protection
IT security risk and compliance management solutions provider, Qualys, today added a new feature to its QualysGuard Vulnerability Management solution to help customers identify...
Endpoint Security
With the excitement surrounding Apple’s iPhone 4 at its World Wide Developer Conference (WWDC) yesterday, Apple decided not talk about the latest version of...
Incident Response
UnitedHealth Group’s CEO Andrew Witty shares details on the damaging cyberattack in testimony before a US Congress committee set for May 1, 2024.
Artificial Intelligence
Identity & Access
Malware & Threats
Incident Response
Mobile & Wireless
CISO Strategy
