The Trickle Down of Supply Chain Attacks

The Trickle Down of Supply Chain Attacks Rod Soto/Kevin Stear   Overview Supply chain attacks are malicious campaigns designed to damage an organization by targeting less-secure elements of…


DoublePulsar exploit targeting Windows Embedded devices

Recent reports indicate a new wave of footprinting and implantation by a modified version of  DoublePulsar, an alleged NSA tool leaked by the Russian affiliated Shadow Brokers. This research…


DDoS Will Never Die

Distributed denial of service (DDoS) attacks present a force and power to be reckoned with. The problems they present have only gotten worse, and the situation certainly will not improve any time…


NoSQL-based stacks exposed to the Internet actively exploited

NoSQL technology has become more popular in recent years thanks to the development of new open-source NoSQL databases that are relatively easy to install, use and integrate with web frameworks. An…


Browser extensions: Hidden behind good, can be very bad

Visitinga website is a standard task for any user that uses the internet. The primary tool for viewing or visiting a website is called a web browser. A web browser allows web pages to render and…


All your passwords are belong to us

The compromise and leak of people’s passwords has become so prevalent and frequent that it is almost accepted as a normal fact of life. Recently the disclosure of a Twitter password bug that allows…


How botnets are built on mass CMS exploitation

Recent public disclosures related to very popular open-source content management systems have shed some light into the cybercrime underground’s drive for obtaining access to infrastructure that can…


Rig Exploit Kit delivering ransomware via Adobe Flash exploit (CVE-2018-4878)

Exploit kits are very efficient tools used in the cybercrime underground. These frameworks are packed with a number of exploits and mechanisms to detect vulnerabilities in systems/applications and…


Drupalgeddon2

A new vulnerability affecting the popular content management system (CMS) framework Drupal has been announced. This vulnerability is said to affect over 1 Million websites.  The vulnerability has…


New Samba Vulnerabilities

The importance of behavioral multi-contextual threat detection A new set of vulnerabilities found in the SAMBA service protocol highlight the need for approaches that go beyond the simple use of…