Configuration data for GoDaddy servers could be used as a reconnaissance tool for malicious actors to uncover ripe targets.

A botnet called Brain Food is pushing diet pills via infected WordPress and Joomla websites.

Researchers at My Online Security and the SANS Internet Storm Center have analyzed spam campaigns utilizing plausible imitations of legitimate banking domains to spread the Trickbot banking malware.

GoDaddy, along with researchers from RSA Security and other companies, shut down tens of thousands of illegal established subdomains tied to the RIG Exploit Kit.

The news of the week is discussed, including the ShadowBrokers’ farewell, GoDaddy’s buggy domain validation issue, MongoDB ransoms, and the latest with St. Jude Medical.

A bug in GoDaddy’s domain validation process forced the registrar to revoke SSL certificates and reissue certs for more than 6,000 customers.

Domain registrar GoDaddy fixed a vulnerability affecting systems used by its customer support agents that could have been abused to take over, modify or delete accounts. Researcher Matthew Bryant said that a riff on a cross-site scripting attack called a blind XSS was to blame. A GoDaddy customer, Bryant wrote on Sunday on his blog...