Cybercrime is an evolving phenomenon and offenders are continuously adapting to find new techniques to monetize their illicit activities. Our research paper and upcoming BlackHat Europe presentation – EGO MARKET: When People’s Greed for Fame Benefits Large-Scale Botnets – is about Linux/Moose, a botnet that conducts social media fraud. This blog post is a summary of our paper.
Last week, a new version of Find Security Bugs (FSB), a FindBugs extension was released. In this post, we will present the most recent improvements and some project announcements.
As you may know, CSP is not adopted yet by industry. Multiple surveys have already been made about the adoption of the security header   . Even so, it does not mean that we cannot prepare ourselves for the technology. For this purpose, we have built a Burp and ZAP extension to automate the most common validations called CSP Auditor.
In 2015, Alexey Tyurin from ERPScan presented at the Hack-In-The-Box Amsterdam conference  multiple attack vectors to defeat the widely used Oracle PeopleSoft (or PS) system. Many companies in various market verticals are relying on this massive and complex software to host confidential information about their employees, their students or even about the financial results of the company.