CSOonline

APT group hits IIS web servers with deserialization flaws and memory-resident malware

A sophisticated, likely government-sponsored threat actor has been compromising major public and private organizations over the past year by exploiting deserialization flaws in public-facing ASP.NET ...
Bleeping Computer

JavaScript Web Apps and Servers Vulnerable to ReDoS Attacks

JavaScript web apps and web servers are susceptible to a specific type of vulnerabilities/attacks known as regular expression (regex) denial of service (ReDoS). These vulnerabilities take place when ...