Explaining Spring4Shell: The Internet security disaster that wasn’tVulnerability in the Spring Java Framework is important, but it's no Log4Shell.#arstechnica#2022#EN#Spring4Shell#Java·arstechnica.com·Apr 4, 2022Explaining Spring4Shell: The Internet security disaster that wasn’t
Lapsus$ and SolarWinds hackers both use the same old trick to bypass MFANot all MFA is created equal, as script kiddies and elite hackers have shown recently.#arstechnica#2022#EN#MFA#prompt-bombing·arstechnica.com·Mar 29, 2022Lapsus$ and SolarWinds hackers both use the same old trick to bypass MFA
Behold, a password phishing site that can trick even savvy usersJust when you thought you'd seen every phishing trick out there, BitB comes along.#Behold#password#arstechnica#EN#2022#phishing#BitB·arstechnica.com·Mar 27, 2022Behold, a password phishing site that can trick even savvy users
Sabotage: Code added to popular NPM package wiped files in Russia and Belarus | Ars TechnicaWhen code with millions of downloads nukes user files, bad things can happen.#Sabotage#arstechnica#EN#2022#NPM#Russia#cyberwar#node-ipc#package#CVE-2022-23812·arstechnica.com·Mar 19, 2022Sabotage: Code added to popular NPM package wiped files in Russia and Belarus | Ars Technica
New method that amplifies DDoSes by 4 billion-fold. What could go wrong?New method also stretches out DDoS durations to 14 hours.#DDoS#arstechnica#EN#2022#amplification·arstechnica.com·Mar 9, 2022New method that amplifies DDoSes by 4 billion-fold. What could go wrong?
Cybercriminals who breached Nvidia issue one of the most unusual demands everChipmaker has until Friday to comply or see its crown-jewel source code released.#Nvidia#2022#EN#ransom#demands#code#arstechnica·arstechnica.com·Mar 6, 2022Cybercriminals who breached Nvidia issue one of the most unusual demands ever
VMware Horizon servers are under active exploit by Iranian state hackersHackers aligned with the government of Iran are exploiting the critical Log4j vulnerability to infect unpatched VMware users with ransomware, researchers said on Thursday.#arstechnica#log4shell#EN#2022#TunnelVision#Iranian#VMware#Horizon#CVE-2021-44228·arstechnica.com·Feb 18, 2022VMware Horizon servers are under active exploit by Iranian state hackers
Flood of malicious junk traffic makes Ukrainian websites unreachable | Ars TechnicaDDoS temporarily take out sites as Ukraine stares down Russian soldiers at its border.#DDoS#2022#EN#Ukraine#arstechnica·arstechnica.com·Feb 16, 2022Flood of malicious junk traffic makes Ukrainian websites unreachable | Ars Technica
Backdoor RAT for Windows, macOS, and Linux went undetected until now | Ars TechnicaNever-before-seen, cross-platform SysJoker came from an "advanced threat actor."#Backdoor#RAT#EN#arstechnica#SysJoker#APT·arstechnica.com·Feb 15, 2022Backdoor RAT for Windows, macOS, and Linux went undetected until now | Ars Technica
