HHS

New Hacking Group Exploits Vulnerabilities in Web Apps

A newly discovered threat group dubbed Praying Mantis is targeting businesses in the U.S by exploiting vulnerabilities in internet-facing web applications to steal credentials and other data, the ...
Dark Reading

Stealth Bomber: Atlassian Confluence Exploits Drop Web Shells In-Memory

Fresh proof-of-concept (PoC) exploits are circulating in the wild for a widely targeted Atlassian Confluence Data Center and Confluence Server flaw. The new attack vectors could enable a malicious ...
Security Boulevard

Web App Pentest by AutoSecT

Web applications run almost every business today. They handle logins, payments, user data, and daily operations. As usage ...
Bleeping Computer

Researcher to release exploit for full auth bypass on FortiWeb

A security researcher has released a partial proof of concept exploit for a vulnerability in the FortiWeb web application firewall that allows a remote attacker to bypass authentication. The flaw was ...
Dark Reading

New Exploit Broker on the Scene Pays Premium for Signal App Zero-Days

Gray-market exploit brokers are alive and kicking, with the latest sign of this flourishing market coming in the form of a bidding war for Signal messaging app zero-days from a relatively new entrant.
Network World

All-out blitz against Web app attacks

Armed with Web application firewalls, intrusion-protection systems and vulnerability scanners, companies can defend against app-level cyberattacks. After nearly 20 years of selling software to the ...