This February, we ran a Find Security Bugs scan on over at least one hundred components from the Spring Framework. Here is how these vulnerabilities were found, followed by a thorough review of the proposed fix.
10 août 2017
New results related to our research about Linux/Moose, an IoT botnet that conducts social media fraud (SMF), were published in the scientific journal, Social Media & Society, last week. The article is open-source and available at: http://dl.acm.org/citation.cfm?id=3097301. However, if you don’t want to bother reading it, the blog post provides a quick summary of the main findings.
20 juillet 2017
In this blog post, we discuss the basic strategy to integrate CSP into an existing website. It covers the theory and the new features of CSP Auditor.
30 juin 2017
In the last few days, we closely followed the malicious software outbreak that took control of about 12,500 devices, mostly in Ukraine and Russia, demanding a $300 ransom from the infected device’s owner. Although this new attack is fascinating, we noticed that the associated stories quickly got out of hand.