Two recent fileless malware campaigns targeting financial institutions, government agencies and other enterprises have been linked to the same attack group.
Browsing Author: Michael Mimoso
Intel and Microsoft announced bug bounties, paying $30,000 and $15,000 respectively for critical vulnerabilities.
The Department of Justice indicted four individuals, including two Russian FSB officers, for their roles in the Yahoo breach.
JSON libraries using the JWE specification to create, sign and encrypt access tokens have been patched against an attack that allows for the recovery of a private key.
Microsoft released 18 security bulletins, eight rated critical. The company also patched publicly disclosed vulnerabilities that surfaced since last month’s postponement of Patch Tuesday.
The recently patched REST API Endpoint vulnerability in WordPress could be leveraged to pull off stored cross-site scripting attacks.
Researchers at Check Point found and remediated malware on 38 Android devices that were infected somewhere along the supply chain.
Google has re-issued its over-the-air Android security update after Nexus 6 users reported that the patches broke the SafetyNet API and features such as Android Pay no longer worked.
Double Robotics telepresence robots were patched against vulnerabilities that leaked device data and session keys and tokens.
While probes looking for vulnerable Apache Struts 2 deployments continue, malicious traffic has tapered off, researchers at Rapid7 said.