hell

Dell Hell Gets Hotter via Bad Bug in Every PC, Laptop

Every Dell endpoint running Windows has a nasty remote-code execution vulnerability. The security hole is in the SupportAssist module ...
Security Boulevard
Hundreds of Vulnerable Docker Hosts Exploited by Cryptocurrency Miners

Hundreds of Vulnerable Docker Hosts Exploited by Cryptocurrency Miners

Docker is a technology that allows you to perform operating system level virtualization. An incredible number of companies and production hosts are running Docker to develop, deploy and run applications inside containers ...
cryptocurrency miner via website vulnerability

Latest Drupal RCE Flaw Used by Cryptocurrency Miners and Other Attackers

Another remote code execution vulnerability has been revealed in Drupal, the popular open-source Web content management system. One exploit — still working at time of this writing — has been used in ...
Missing Content-Type Header

The Importance of the Content-Type Header in HTTP Requests

Dawid Czagan, Founder and CEO at Silesia Security Labs and author of Bug Hunting Millionaire, is listed in HackerOne’s Top 10 Hackers. In a recent article on his website, Czagan disclosed the ...
Critical RCE Vulnerability in Facebook Server Patched, Researcher Nabs $5,000 Bounty

Critical RCE Vulnerability in Facebook Server Patched, Researcher Nabs $5,000 Bounty

A critical remote code execution vulnerability in a Facebook server was recently patched after security researcher Daniel ‘Blaklis’ Le Gall reported it using a proof-of-concept. The vulnerability was found in an unstable ...
Critical Vulnerability in Docker Tool for Windows Allows RCE; Patch Available

Critical Vulnerability in Docker Tool for Windows Allows RCE; Patch Available

A recent vulnerability in the Windows Host Compute Service Shim (hcsshim) library that allows users to import Docker container images in Docker for Windows could have enabled remote code execution on the ...
drupalgeddon 2 attacks by date

Drupalgeddon 2.0: Are Hackers Slacking Off?

Ever since March 28th, when Drupal published a patch for a RCE named Drupalgeddon 2.0 (SA-CORE-2018-002/CVE-2018-7600), Imperva has been monitoring our cloud looking for hackers’ attempts to exploit the vulnerability, but found ...