A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the
News
Updates on the latest happenings in cybersecurity. Includes news about threats, breaches, and new security technologies.
LastPass, one of the largest online password managers with over 25 million users as of 2020, suffered a massive data breach recently. The data included user information and vault data. Earlier in August, LastPass informed customers that an unauthorised actor had gained access to their development server through a compromised
Web hosting provider GoDaddy recently disclosed a multi-year (possibly since 2020) security breach, which enabled attackers to install malware and steal source code related to some of its services. The company attributed the attack to a “sophisticated and organized group targeting hosting services.”
According to the company, it received several
On 15 September, Uber acknowledged that it was responding to a “cybersecurity incident” and had contacted law enforcement authorities about the hack. An individual claiming to be an 18-year-old hacker claimed credit for the attack. On Thursday night, the attacker reportedly tweeted, “Hi I declare I am a hacker and UBER