CSOonline

APT group hits IIS web servers with deserialization flaws and memory-resident malware

A sophisticated, likely government-sponsored threat actor has been compromising major public and private organizations over the past year by exploiting deserialization flaws in public-facing ASP.NET ...
Bleeping Computer

JavaScript Web Apps and Servers Vulnerable to ReDoS Attacks

JavaScript web apps and web servers are susceptible to a specific type of vulnerabilities/attacks known as regular expression (regex) denial of service (ReDoS). These vulnerabilities take place when ...
PC World

File-encrypting ransomware starts targeting Linux web servers

Ransomware authors continue their hunt for new sources of income. After targeting consumer and then business computers, they’ve now expanded their attacks to Web servers. Malware researchers from ...