Apache called out for reporting incorrect versions in Struts vulnerabilities https://www.infosecurit...

A researcher found out that you can discover if a user is in incognito mode in Chrome using a timing...

The Capital One breach leads the news this week, for a dozen good reasons. https://start.jcolemorris...

Facebook is under heavy fire for privacy "violations", although they never did anything they didn't...

It's 1994 again! Encryption is on the table for law enforcement. Be ready for entry in the back door...

Awesome paper presented in France covering XXE - really good research.  Worth a read. https://w...

A wonderful human being put together a list of resources about hacking mainframe systems, worth a lo...

Good article on using fuzzers as productivity tools https://kripken.github.io/blog/binaryen/2019/06/...

Fascinating look into Internet routing that caused an outage last week.  We are really building...

Google has decided that the API that underpins the Chrome extension kit is too powerful - and they a...

Happy Father's Day!   Great writeup by Rapid7 about security-focused HTTP headers. https://blog...

Accidentally Took Memorial Day Weekend Off Edition   New tool: FinalRecon- OSINT Tool For...