API leak in third-party vendor
Bill Demirkapi, a sophomore at Rochester Institute of Technology, was shopping for student loans when he found a
Interesting article about continued SolarWinds research
https://community.riskiq.com/article/9a515637 Key points: Of the SUNBURST features that were operationalized, the most telling was that which
Infosec News – March 21
An article about package manager typo-squatting that I had not known about. An attacker names their malicious package
Infosec News – March 16
New ransomware variant, called DearCry, in apparent homage to 2017’s Wannacry, that uses the Microsoft Exchange vulnerabilities (Proxylogon):
Infosec News – March 10, 2021
A hosting data center, (the largest in Europe and the third-largest in the world) for the French hosting
Infosec news – March 7, 2021
Update in Solarwinds story: FireEye / Microsoft discover three new malware families written by same actors behind Solarwinds
Security News Roundup – March 4
An alternate take on why the Solarwinds hack happened (Note: I read and enjoyed the article by Matt
SQL Injection is Alive and Well (Invited Guest Post)
Our hacker Yosef Kerzner who helps us with Hadoop and Big Data hacking does all other kinds of
Hacking Hadoop – 2
A while back, we described hacking Hadoop through the Cloudera Manager (CM) or through Ambari. But there is so
Hacking Hadoop
How do you hack Hadoop? Here is what we did. We took our team hacker (whom we will