Hackers use stolen banking information to trick victims into downloading BitRAT malware
A new malware campaign has been observed using sensitive information stolen from banks as bait in phishing emails to drop a remote access Trojan called BitRAT. An unknown attacker hijacked her IT infrastructure for a Colombian credit union and used the information to create a convincing decoy message to trick the victim into opening her […]
What developers need to deal with common vulnerabilities
Today’s threat landscape is constantly changing, and now more than ever, organizations and businesses across all industries have an urgent need to consistently produce and maintain secure software. While certain verticals – such as the financial sector – have been subject to regulatory and compliance requirements for some time, we are seeing increased attention towards […]
Unpatched ModSecurity CRS vulnerabilities leave web servers open to denial-of-service attacks
ReDoS flaws discovered in the OWASP Core Rule Set A clutch of unpatched vulnerabilities in ModSecurity’s OWASP Core Rule Set has left potentially thousands of web servers open to denial-of-service (DoS) attacks. ModSecurity is a popular open source web application firewall (WAF) that are designed to help stop attacks or unwanted behavior against applications by […]