Understanding The Risk And Phenomenon Of Crypto Assets

As the world evolves from Web 2.0 to Web 3.0 – think decentralised protocols for crypto assets, identities, and computer-services leveraging blockchain technology – cyber threat teams too must evolve their understanding of the technology at play to stay ahead of threats. Although the industry has evolved considerably since its inception, there is significant room […]

CyRC Vulnerability Advisory: Stored XSS In Directus

Transaction Signing Solution

CVE-2022-24814 is a stored XSS vulnerability that can lead to account compromise in the admin application of Directus. Overview Synopsys Cybersecurity Research Center (CyRC) research has identified a stored cross-site scripting (XSS) vulnerability in Directus, a popular open source headless content management system (CMS) built in JavaScript. Directus is a web-based admin application that allows […]

Over 16,500 Sites Hacked To Distribute Malware Via Web Redirect Service

Malware Ranks First

As reported by Hacker News, A new traffic direction system (TDS) called Parrot has been spotted leveraging tens of thousands of compromised websites to launch further malicious campaigns. Traffic direction systems are used by threat actors to determine whether or not a target is of interest and should be redirected to a malicious domain under […]