Security Boulevard

Roll your own bot detection: fingerprinting/JavaScript (part 1)

This is the first article in a two-part series where we show how to build your own anti-bot system to protect a login ...

Hackers exploited Zimbra flaw as zero-day using iCalendar files

Researchers monitoring for larger .ICS calendar attachments found that a flaw in Zimbra Collaboration Suite (ZCS) was used in ...
ADTmag

The Worm That Ate JavaScript: Inside the Shai-Hulud Supply Chain Attack

The JavaScript development community faced one of its most sophisticated supply chain attacks in September, when a ...
The Hacker News

Android Droppers Now Deliver SMS Stealers and Spyware, Not Just Banking Trojans

Cybersecurity researchers are calling attention to a new shift in the Android malware landscape where dropper apps, which are typically used to deliver banking trojans, to also distribute simpler ...
The Hacker News

Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection

Cybersecurity researchers have shed light on a novel attack chain that employs phishing emails to deliver an open-source backdoor called VShell. The "Linux-specific malware infection chain that starts ...
Bleeping Computer

Critical Zimbra RCE flaw exploited to backdoor servers using emails

Hackers are actively exploiting a recently disclosed RCE vulnerability in Zimbra email servers that can be triggered simply by sending specially crafted emails to the SMTP server. The Zimbra remote ...