New Malware Campaign Exploits Microsoft Graph API to Infect Windows

FortiGuard Labs discovers an advanced attack using modified Havoc Demon and SharePoint. Explore the attack's evasion techniques and security measures...

Grim Finance hacked – $30 million worth of tokens stolen

By Waqas According to Grim Finance, it was an "advanced attack" in which hackers exploited a flaw in the vault contract. This is a post from HackRead.com Read the original post: Grim Finance hacked - $30 million worth of tokens stolen...

Smurf DDoS attack:❗️ How it works and how to mitigate

Attacks geared at denying users access to servers are executed in different ways. One notable approach — similar in many forms of service denials — is the use of volume. The sheer volume of requests is employed by attackers to render a particular network useless. A good representation of that is...

CVE-2020-24569

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1. There is a blind SQL injection in the knximport component via an advanced attack vector, allowing logged in attackers to discover arbitrary information...

Sql injection

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1. There is a blind SQL injection in the knximport component via an advanced attack vector, allowing logged in attackers to discover arbitrary information...

CVE-2020-24569

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1. There is a blind SQL injection in the knximport component via an advanced attack vector, allowing logged in attackers to discover arbitrary information...

Reflected Cross-Site Scripting (XSS) in iTop

High-Tech Bridge Security Research Lab discovered vulnerability in iTop, which can be exploited to perform Cross-Site Scripting XSS attacks against web application users. iTop is a critical application, which is used to cover the entire set of ITIL processes. Successful attack on this web...

Interview: Crypto Legend Ron Rivest On Fixing SSL, APTs and The Future Of Security

One of the biggest talks at this year’s Black Hat Briefings was a presentation on the structural problem with digital certificate authorities by Moxie Marlinspike. The subsequent hack of Dutch certificate authority DigiNotar and a damning report on that attack only weeks later, and more recent...