API leak in third-party vendor

Bill Demirkapi, a sophomore at Rochester Institute of Technology, was shopping for student loans when he found a

Interesting article about continued SolarWinds research

https://community.riskiq.com/article/9a515637   Key points:   Of the SUNBURST features that were operationalized, the most telling was that which

Infosec News – March 21

An article about package manager typo-squatting that I had not known about. An attacker names their malicious package

Infosec News – March 16

New ransomware variant, called DearCry, in apparent homage to 2017’s Wannacry, that uses the Microsoft Exchange vulnerabilities (Proxylogon):

Infosec News – March 10, 2021

A hosting data center, (the largest in Europe and the third-largest in the world) for the French hosting

Infosec news – March 7, 2021

Update in Solarwinds story: FireEye / Microsoft discover three new malware families written by same actors behind Solarwinds

Security News Roundup – March 4

An alternate take on why the Solarwinds hack happened (Note: I read and enjoyed the article by Matt

SQL Injection is Alive and Well (Invited Guest Post)

Our hacker Yosef Kerzner who helps us with Hadoop and Big Data hacking does all other kinds of

Hacking Hadoop – 2

A while back, we described hacking Hadoop through the Cloudera Manager (CM) or through Ambari. But there is so

Hacking Hadoop

How do you hack Hadoop? Here is what we did. We took our team hacker (whom we will