WD My Cloud
The WD My Cloud with firmware versions 04.01.03-421 and 04.01.04-422 suffer from command injection and cross-site request forgery (“CSRF”) vulnerabilities.
Another breach notification, another opportunity for division across #InfoSec lists. Yesterday, LastPass announced that it had fallen victim to a security attack in the recent past where key values.
The idea of threat free threat models may make no sense, but nonetheless this is a growing misconception by some just coming into the practice of application threat modeling.
Jsonpickle Exploitation: Python’s pickle module has been the target for exploitation when it used insecurely by loading malicious ‘pickle’ streams…
Node.js is known as one of the most important emerging technologies. It is an event driven open source runtime to create server side applications.
Android Vulnerabilities and Exploits
As the title states, the Android Titan SMS Trojan utilizes Trojan functionality in order to steal SMS and exfiltrate them off of the target user’s device.
Statistical Findings & Security Metrics
In this two-part security governance series, we’ll take a look at the broader picture of security metrics and how to derive them from security activities.
An insecure implementation of the intent URL scheme revolves around theIntent.parseUri() method. The first thing we did when reversing the Mercury Browser..
From the description on contagio mobile this Android InfoStealer malware, Godwon, is used by an online criminal group for ‘sextortion’.
We are an international squad of professionals working as one.
Copyright 2020 VerSprite - All Rights Reserved