Author Archives: Ionut Arghire

SecurityWeek RSS Feed: Google Makes Secure LDAP Generally Available

Google this week announced the general availability of secure LDAP, after introducing the capability in October at Next ’18 London.

Allowing customers to manage access to traditional LDAP-based apps and IT infrastructure, it can be used with either G Suite or Cloud Identity, Google’s managed identity and access management (IAM) platform.

read more



SecurityWeek RSS Feed

Cryptocurrency-Stealing Code Distributed via Popular Library

The popular EventStream Node.js library was recently modified to fetch malicious code designed to steal crypto-currencies.

Designed as a toolkit to make creating and working with streams easy, the JavaScript package has around two million downloads a week, which makes it a valuable resource to application developers and malicious actors alike.

read more

SecurityWeek RSS Feed: Cryptocurrency-Stealing Code Distributed via Popular Library

The popular EventStream Node.js library was recently modified to fetch malicious code designed to steal crypto-currencies.

Designed as a toolkit to make creating and working with streams easy, the JavaScript package has around two million downloads a week, which makes it a valuable resource to application developers and malicious actors alike.

read more



SecurityWeek RSS Feed

SecurityWeek RSS Feed: DoS Vulnerabilities Impact Linux Kernel

Two recently disclosed Linux kernel vulnerabilities that remain unpatched could be exploited for local denial-of-service (DoS).

The flaws, both which were made public last week, impact Linux kernel 4.19.2 and previous versions. Both represent NULL pointer deference bugs that can be exploited by local attackers and are considered Medium severity. 

read more



SecurityWeek RSS Feed

Attackers Target Drupal Web Servers with Chained Vulnerabilities

A recent attack targeted Drupal web servers with a chain of vulnerabilities that included the infamous Drupalgeddon2 and DirtyCOW flaws, Imperva security researchers say.

The attack was short and impacted only some Linux-based systems, but it was noteworthy for attempting to persistently infect vulnerable servers and take over machines.

read more