17 May 2018

On Tuesday, we released the details of an RCE vulnerability affecting Spring Data (CVE-2018-1273). We are now repeating the same exercise for a similar RCE vulnerability in Spring Security OAuth2 (CVE-2018-1260).

November 02, 2016

Linux/Moose's Clever Scheme

Cybercrime is an evolving phenomenon and offenders are continuously adapting to find new techniques to monetize their illicit activities. Our research paper and upcoming BlackHat Europe presentation - EGO MARKET: When People’s Greed for Fame Benefits Large-Scale Botnets - is about Linux/Moose, a botnet that conducts social media fraud. This blog post is a summary of our paper.

October 17, 2016

Command Injection

Last week, a new version of Find Security Bugs (FSB), a FindBugs extension, was released.

In this post, we will present the most recent improvements and some project announcements.

October 12, 2016

Our old blog has officially migrated to its new home on our website! Our previous blog will redirect you here automatically.

Remember to update your bookmarks.