The Catch 22 of Base64: Attacker Dilemma from a Defender Point of View
Web application threats come in different shapes and sizes. These threats mostly stem from web application vulnerabilities, published daily by the vendors themselves or by third-party researchers, followed by vigilant attackers exploiting them.
To cover their tracks and increase their attack success rate, hackers often obfuscate attacks using different techniques. Obfuscation of web application attacks can be extremely complicated, involving...
Drupalgeddon3: Third Critical Flaw Discovered
For the third time in the last 30 days, Drupal site owners are forced to patch their installations. As the Drupal team noted a few days ago, new versions of the Drupal CMS were released, to patch one more critical RCE vulnerability affecting Drupal 7 and 8 core.
The vulnerability, code-named Drupalgeddon3, exploits improper input validation in the Form API....
FS-ISAC 2018 Summit
<img src="https://info.digitalguardian.com/rs/768-OQW-145/images/fsi-isac-logo.png">
Digital Guardian will be presenting and exhibiting in Booth #69.Get tools, tips and recipes from our threat hunting experts.
Boca Raton | May 20-23 | Boca Raton Resort
- Read more
Analyst Insights – The 4 Questions for GDPR Success
Bloor Research
Analyst Insights – The 4 Questions for GDPR Success
This webinar was recorded April 26, 2018.
- Read more
DDoS attacks in Q1 2018
News overview
In early January, it was reported that an amateur hacker had come close to pulling off a botnet attack using “improvised” materials. Armed with information gleaned from hacker forums, the DIYer created a Trojan using a zero-day exploit in Huawei routers and released it online. The attack was soon nipped in the bud, but the wannabe cybercriminal could...
Supply Chain Risk: Time to Focus on Partners Ahead of GDPR Deadline
With the GDPR compliance deadline of May 25 almost upon us, recent events have highlighted the importance of locking down third-party risk. Attacks on supply chain partners, Facebook’s data leak scandal and a new report from the National Cyber Security Centre (NCSC) have all come at an opportune time to illustrate the potential liabilities facing firms.
The GDPR will require...
Five Critical Steps of a Complete Security Risk and Compliance Lifecycle
Five Critical Steps of a Complete Security Risk and Compliance Lifecycle #outlook a{ padding:0; } body{ width:100% !important; } .ReadMsgBody{ width:100%; } .ExternalClass{ width:100%; } body{ -webkit-text-size-adjust:none; } body{ margin:0; padding:0; } img{ border:0; height:auto; line-height:100%; outline:none; text-decoration:none; } table td{ border-collapse:collapse; } #backgroundTable{ height:100% !important; margin:0;...
Latest article
Chromium: CVE-2026-3909 Out of bounds write in Skia
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see (https://chromereleases.googleblog.com/2021) for more information. Google is aware...
Instagram Users Urged to Save Encrypted DMs Before Feature Disappears
Meta will soon end Instagram’s end-to-end encrypted chats, citing low adoption and directing users to export affected messages.
The post Instagram Users Urged to Save...
IBM Uncovers ‘Slopoly,’ Likely AI-Generated Malware Used in Hive0163 Ransomware Attack
A concerning development has emerged in early 2026, as IBM X-Force uncovered a likely AI-generated malware strain they named “Slopoly,” deployed during a ransomware...
Rapid7 Guidance on Observed Microsoft Teams Phishing Campaigns
The Rapid7 MDR team is currently monitoring an increase in phishing campaigns where threat actors (TAs) impersonate internal IT departments via Microsoft Teams. The...
