Latest Entries »

I recently disclosed 15 vulnerabilities in Crestron’s AM-100 and AM-101devices. View full article »

Dell SupportAssist Client has been updated to address multiple vulnerabilities which may be potentially exploited to compromise the system. View full article »

A “cyber event” interrupted grid operations in parts of the western United States last month, according to a cryptic report posted by the Department of Energy. View full article »

With our internet-wide telemetry, RiskIQ has discovered some of the most significant Magecart attacks ever carried out. These involved a host of different tools and tactics including several different inject types, skimmers of varying sophistication, and countless intrusion methods. But for every Magecart attack that makes headlines, we detect thousands more that we don’t disclose. A considerable portion of these lesser-known breaches involves third-party payment platforms. View full article »

The APT34 Glimpse project is maybe the most complete APT34 project known so far, the popular researcher Marco Ramilli analyzed it for us.

View full article »

Defendant and Co-conspirators Hacked into Computer Systems of Tax Preparation Companies and Stole Personal Information of Identity Theft Victims

View full article »

Ladders, one of the most popular job recruitment sites in the U.S. specializing in high-end jobs, has exposed more than 13.7 million user records following a security lapse. View full article »

In April 2019, several new exploits targeting SAP business applications were released in a public forum. Although the exploits target insecure configurations that have been reported by SAP SE and Onapsis in the past, their public release significantly increases the risk of successful cyber attacks against SAP implementations globally. View full article »

A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to connect to the affected system with the privileges of the root user. View full article »

  • Two prolific dark web marketplaces have been taken down in simultaneous global operations, supported by Europol: the Wall Street Market and the Silkkitie (known as the Valhalla Marketplace)

View full article »