When it's time to talk attacks, it's hard to get more evil than a technique that uses victims' own systems against them. Server-side request forgery (SSRF) is one of those evil attacks, and it's one ...

ESET researchers have discovered and analyzed a previously undocumented trojan that steals payment information from e-commerce websites' customers. The trojan, which we named IIStealer, is detected by ...

Server-side request forgery (SSRF) attacks consist of an attacker tricking the server into making an unauthorized request. The name itself implies that a request that should have otherwise been made ...

ESET researchers have discovered and analyzed a previously undocumented backdoor, implemented as an extension for Internet Information Services (IIS), Microsoft’s web server software. The backdoor, ...

Apple Pay has a slew of protective features that make it a secure method of online credit card transactions. And since 2016, third-party merchants and services have been able to embed Apple Pay into ...

Two flaws in Microsoft’s cloud-based Azure App Services could have allowed server-side forgery request (SSFR) and remote code-execution attacks. Researchers have disclosed two flaws in Microsoft’s ...