New Vulnerability in Popular Widget Shows Risks of Third-Party Code

The Americans with Disabilities Act (ADA) includes requirements on companies falling within its scope to ensure their websites are accessible to individuals with disabilities. These requirements have created a strong incentive for ...
Publicly Open Services Chart

Lessons Learned from 100 Data Breaches: Part 3, Securing Public Cloud Services

In the first two parts of this series, we gained insight into what specific types of data get stolen and what the root causes of breaches are, based on data breach information ...
many event types

Simple Trend and Anomaly Detection with SQL

Introduction Have you ever wondered if you can detect highlights based on your data using only your database engine? Well, the answer is yes. Simple trend detection and anomaly detection can be ...
Magecart hackers target mobile hotel booking websites [An Alternative Perspective]

Magecart hackers target mobile hotel booking websites [An Alternative Perspective]

| | Blog, Research Lab
On September 18th, a series of incidents of credit card skimming attack came to light, as first reported by TrendMicro. Magecart was used to hit two booking websites belonging to two different ...
A Deep Dive into Database Attacks [Part II]: Delivery and Execution of Malicious Executables through SQL commands (SQL Server)

A Deep Dive into Database Attacks [Part II]: Delivery and Execution of Malicious Executables through SQL commands (SQL Server)

An organization’s database servers are frequently the prime target of attackers. We recently started a new research project to learn more about database hacking, primarily to understand common database attacks, tools and ...