Category: Uncategorized


I recently disclosed 15 vulnerabilities in Crestron’s AM-100 and AM-101devices. Continue reading

Dell SupportAssist Client has been updated to address multiple vulnerabilities which may be potentially exploited to compromise the system. Continue reading

A “cyber event” interrupted grid operations in parts of the western United States last month, according to a cryptic report posted by the Department of Energy. Continue reading

With our internet-wide telemetry, RiskIQ has discovered some of the most significant Magecart attacks ever carried out. These involved a host of different tools and tactics including several different inject types, skimmers of varying sophistication, and countless intrusion methods. But for every Magecart attack that makes headlines, we detect thousands more that we don’t disclose. A considerable portion of these lesser-known breaches involves third-party payment platforms. Continue reading

The APT34 Glimpse project is maybe the most complete APT34 project known so far, the popular researcher Marco Ramilli analyzed it for us.

Continue reading

Defendant and Co-conspirators Hacked into Computer Systems of Tax Preparation Companies and Stole Personal Information of Identity Theft Victims

Continue reading

Ladders, one of the most popular job recruitment sites in the U.S. specializing in high-end jobs, has exposed more than 13.7 million user records following a security lapse. Continue reading

In April 2019, several new exploits targeting SAP business applications were released in a public forum. Although the exploits target insecure configurations that have been reported by SAP SE and Onapsis in the past, their public release significantly increases the risk of successful cyber attacks against SAP implementations globally. Continue reading

A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to connect to the affected system with the privileges of the root user. Continue reading

  • Two prolific dark web marketplaces have been taken down in simultaneous global operations, supported by Europol: the Wall Street Market and the Silkkitie (known as the Valhalla Marketplace)

Continue reading