Blog

A dangerous local vulnerability is found in systemd 228 that allows a non-privileged attacker run a code as superuser.
As stated by security researcher Sebastian Krahmer, the problem previously found in systemd can be exploited not only for Linux distribution ...

Attackers are able to escalate their privileges and compromise the system as a result
Security researcher Dawid Golunski states that vulnerability in nginx (CVE-2016-1247) allows local attackers to obtain root privileges in the system.

Intruders who have managed to compromise an ...

New opportunities of KillDisk allow to control malware through the C&C server and use the application as a crypto ransomware
ESET researchers have discovered a new variant of KillDisk malware designed for attacks on the  Linux systems.

KillDisk is a destructive ...

The new Leet botnet was used in the DDoS attack on the infrastructure of the Imperva Incapsula company
Imperva Incapsula’s analysts have recorded a DDoS attack on the company’s infrastructure, which can lay claim to being the most powerful ones ...

The hole allows to remotely execute a code in the context of web server and compromize the web application.
Polish security researcher Dawid Golunski from Legal Hackers has found a critical hole in one of the most popular open source ...

Googleinfo-icon has released new tools and related documentation to help developers reduce the risk of XSS attacks using the Content Security Policy (CSP) standard. XSS-vulnerabilities continue to affect many web applications, including those developed by large companies.
In the past ...

December 19, 2016, a notice appeared in Ethereum Project’s official blog, warning that ethereum.org forum was compromised by unknown attackers.
The administration learned about the data leak on December 16, 2016. The first results of the investigation showed the following ...