Police dismantled bulletproof hosting service provider Lolek Hosted
A joint operation conducted by European and U.S. law enforcement agencies dismantled the bulletproof hosting service provider Lolek Hosted. Lolek…
Security
Python URL parsing function flaw can enable command execution
A severe vulnerability in the Python URL parsing function can be exploited to gain arbitrary file reads and command execution.…
2023 OWASP Top-10 Series: API3:2023 Broken Object Property Level Authorization
Welcome to the 4th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a…
UK govt contractor MPD FM leaks employee passport data
UK govt contractor MPD FM left an open instance that exposed employee passports, visas, and other sensitive data MPD FM,…
Power Generator in South Africa hit with DroxiDat and Cobalt Strike
Threat actors employed a new variant of the SystemBC malware, named DroxiDat, in attacks aimed at African critical infrastructure. Researchers…
Weekly Update 360
Presently sponsored by: Secure your assets, identity and online accounts with our award-winning ID theft protection. Get started with Aura…
Friday Squid Blogging: NIWA Annual Squid Survey
Results from the National Institute of Water and Atmospheric Research Limited annual squid survey: This year, the team unearthed spectacular…
The Evolution of API: From Commerce to Cloud
API (or Application Programming Interface) is a ubiquitous term in the tech community today, and it’s one with a long…
The Inability to Simultaneously Verify Sentience, Location, and Identity
Really interesting “systematization of knowledge” paper: “SoK: The Ghost Trilemma” Abstract: Trolls, bots, and sybils distort online discourse and compromise…
Gafgyt botnet is targeting EoL Zyxel routers
Researchers warn that the Gafgyt botnet is actively exploiting a vulnerability impacting the end-of-life Zyxel P660HN-T1A router. A variant of…