-
Feb 25, 2020
Recently, a new vulnerability on Apache Tomcat AJP connector was disclosed. The flaw was discovered by a security researcher of Chaitin Tech [1] and allows a remote attacker to read any webapps files or include a file. The AJP Connector… read more »
-
Feb 24, 2020
Big news, even this week! Cybersecurity Hackers Were Inside Citrix for Five Months Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on… read more »
-
Feb 21, 2020
In order to avoid sourveillance, privacy invasion or information theft you must be sure that the data on your devices are secure, and the only way to do that in this day and age is to make sure they are… read more »
-
Feb 20, 2020
Social engineering techniques are frequently part of an overall security penetration test because also the "human network" need to be tested. But, when security tests are made on human beings, is really important pay attention to etics.Indeed, there are some… read more »
-
Feb 19, 2020
Most Docker images build on full Linux distributions often containing a lot of unnecessary complexity, adversely affecting also the application security. However, by using Google’s “distroless” approach we can build small and secured runtime images. Containerizing Apps, not VMs The… read more »
-
Feb 18, 2020
There's no rest for the (bluetooth) wearables A team of security researchers have discovered numerous vulnerabilities in the Bluetooth Low Energy (BLE) implementations of major vendors. Bluetooth Low Energy is a wireless communication technology (consisting of a set of standardized… read more »
-
Feb 17, 2020
Some reading to start the week! Cybersecurity Abused Cloudflare Workers Service Used to Inject Korean SEO Spam ... After further investigation, it was found that the website was actually loading SEO spam content through Cloudflare’s Workers service. This service allows… read more »
-
Feb 14, 2020
Cross-Site Request Forgery (CSRF) is a type of attack that allows a malicious web site, email, blog, instant message, or program to causes a user’s web browser to perform an unwanted action on a trusted site, when the user is… read more »