Authentication bypass vulnerability in Western Digital My Cloud allows escalation to admin privilege...
Read More
The "Wow, it's been a busy month" edition.
Apple took "Adware Doctor" out of the store becaus...
Read More
MWR Labs describes use of HTTP Referer headers to execute DNS rebinding attacks on AWS-hosted a...
Read More
Mazen Ahmed write an exploit for the new Struts CVE.
https://github.com/mazen160/struts-pwn_CVE-2018...
Read More
Big, big news out of Portswigger this week. I'm a huge fan of OWASP ZAP, and use it daily, but...
Read More
Trend Micro found a really interesting use-after-free vulnerability in the VBScript engine in IE.&nb...
Read More
Interesting idea - introducing bugs to make software more difficult to attackers to navigate. ...
Read More
Reddit Breach Highlights Limits of SMS-Based Authentication
https://krebsonsecurity.com/2018/08/redd...
Read More
Venmo, a social payment system, defaults to public disclosure of payments made on the system.
https:...
Read More
It has come to my attention that one of Paul Asadoorian's Security Weekly broadcasts is titled Appli...
Read More
For my home internet, I have one choice - Spectrum, née Time Warner Cable. I don't comp...
Read More
npm is a dumpster fire. Yet another malicious package discovered that it automagically brought...
Read More