ThinkPHP 5.x Remote Code Execution

Earlier this year, we noticed an increase in attacks aiming at ThinkPHP, which is a PHP framework that is very popular in Asia. If you keep track of your site’s activity, the ...
EH-Net - Daw - Ease Me Into Cryptography Part 4: TLS

Ease Me Into Cryptography Part 4: TLS – Applied Cryptographic Foundations

You made it to part 4! Here’s a quick overview of what we have broken down so far. We started with some basic vocabulary for cryptographic building blocks and talked about hash ...
Is Your Token a Security? The SEC Wants to Help You Figure That Out.

Is Your Token a Security? The SEC Wants to Help You Figure That Out.

The SEC has issued a “Framework for ‘Investment Contract’ Analysis of Digital Assets” (the ‘Framework’) that provides the Division of Corporation Finance’s guidance on how to evaluate whether digital assets are “investment ...
Malware Campaigns Sharing Network Resources: r00ts.ninja

Malware Campaigns Sharing Network Resources: r00ts.ninja

We recently noticed an interesting example of network infrastructure resources being used over a period of time by more than one large scale malware campaign (e.g redirected traffic, cryptomining). This was discovered ...
Apple Card

Apple Credit Card: Not So Secure, nor Private

Apple Card is here. It boasts anti-fraud security features and interesting privacy promises. But is there much that’s new here? Probably not ...
Security Boulevard
BSS: Dow Jones, TurboTax, and Indane data breaches

BSS: Dow Jones, TurboTax, and Indane data breaches

Here are the top cybersecurity stories of recent weeks: Dow Jones’ watchlist of high-risk individuals breached $7.7 million in EOS cryptocurrency stolen by hacker TurboTax credential stuffing attacks exposes tax returns US ...
Bitglass Security Spotlight: 500px, Card Dumps, and UW Medicine

Bitglass Security Spotlight: 500px, Card Dumps, and UW Medicine

Here are the top cybersecurity stories of recent weeks: 500px discovers 2018 data breach affecting 15 million users Sensitive credit card information worth $3.5 million put up for sale University of Washington ...
Cyberthreats Your Business Isn’t Prepared For

Cyberthreats Your Business Isn’t Prepared For

You have backups in the event your business is hit by ransomware. You have prepared PR statements should there be any kind of customer data breach. You have been careful to keep ...
The End of CoinHive and the Rise of Cryptojacking

The End of CoinHive and the Rise of Cryptojacking

CoinHive is a service that was created in September 2017. It allows users to mine Monero cryptocurrency using JavaScript. CoinHive has remarkably changed the income models of content developers over the course ...

Coinhive shuts down | Avast

Cryptojacking stole the limelight away from ransomware at the end of 2017, becoming a major cyberthreat that continued into 2018. On March 8, 2019 Coinhive, the service that enables websites around the ...
Loading...