The code hosting service GitHub confirmed that the introduction of GitHub security alerts in November allowed to obtain a significant reduction of vulnerable code libraries on the platform. Github alerts warn developers when including certain flawed software libraries in their projects and provide advice on how to address the issue. Last year GitHub first […]
A “highly critical” flaw affects Drupal 7 and 8 core, Drupal security updates expected on March 28th
Drupal Security Team confirmed that a “highly critical” vulnerability affects Drupal 7 and 8 core and announced the availability of security updates on March 28th. A “highly critical” vulnerability affects Drupal 7 and 8 core and Drupal developers are currently working to address it. Drupal maintainers initially planned to issue a security […]
Hackers leave ransom note after wiping out MongoDB in 13 seconds
For the last couple of years, hackers have been exploiting unprotected MongoDBbased servers to steal data and hold the exposed databases for ransom. In order to raise awareness, hackers leaked 36 million records of internal data collected from several vulnerable servers. The seriousness of the matter can be understood by the fact that in July of 2015 John Matherly […]
The Pirate Bay is Down Again for the 3rd Time in a Week
Another day, another disappointing news for The Pirate Bay users – Today for the third time in 5 days The Pirate Bay domain has gone offline. Currently, those visiting the site can see “Error 522 Connection timed out” message generated by Cloudflare since The Pirate Bay uses its CDN and DDoS protection […]
City of Atlanta IT Systems Hit by SamSam Ransomware
The Mayor of Atlanta, Georgia has confirmed today in a press conference that several local government systems are currently down due to a ransomware infection. City officials said the ransomware infection took root earlier today, at around 5:40 AM, local time. Some systems down but crucials services still up and […]
CoinMiner Campaigns Move to the Cloud via Docker, Kubernetes
After becoming a scourge inside browsers, on desktops, and on servers, cryptocurrency-mining malware is now invading the cloud, and it appears to be quite successful. Several reports during the past month suggest malware authors are now actively looking to gain access to Docker and Kubernetes systems, two types of applications […]
Google is distributing more Meltdown and Spectre Patches for Chrome OS devices
Google announced that mitigations for devices with Intel processors that are affected by the Spectre and Meltdown vulnerabilities will be available for latest stable channel update for Google’s Chrome OS operating system. The Meltdown and Spectre attacks could be exploited by attackers to bypass memory isolation mechanisms and access target sensitive data. The Meltdown attack could allow attackers […]
Dropbox may be valued at $8 Billion after its Initial Public Offering
The Company announced that it will be increasing its IPO price range to sell its shares for more profit by including all shares contributed by stockholders, selling in this offering, the “greenshoe” and the original IPO, Dropbox will have a cost between $7.2 billion and $7.96 billion. It’s below Dropbox’s […]
TeleRAT, a new Android Trojan that uses Telegram for data exfiltration
Security experts at Palo Alto Networks discovered a new Android Trojan dubbed TeleRAT that uses Telegram Bot API to communicate with the command and control (C&C) server and to exfiltrate data. TeleRAT appears to be originating from and/or to be targeting individuals in Iran, experts found similarities with another Android malware dubbed […]
Q4 2017 Global DDoS Threat Landscape Report
Today we are releasing our latest Global DDoS Threat Landscape Report, a statistical analysis of 5,055 network and application layer DDoS attacks mitigated by Imperva Incapsula services during Q4 2017. In Q4, the number of application layer attacks nearly doubled, just as the number of network layer assaults declined. In both cases, […]